Oringnet Iap-420

8 CVEs affecting Oringnet Iap-420. Latest disclosed: 2024-12-10. Critical: 2, High: 3.

Top CVEs affecting Oringnet Iap-420
CVESeverityScorePublishedSummary
CVE-2024-55547Critical9.82024-12-10SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVE-2022-3203Critical9.82022-10-21On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or…
CVE-2024-55544High8.82024-12-10Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and be…
CVE-2024-5411High8.82024-05-28Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects I…
CVE-2024-55548High7.52024-12-10Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVE-2024-55545Medium6.12024-12-10Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-55546Medium5.42024-12-10Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-5410Medium5.42024-05-28Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.