Peplink Balance_380
7 CVEs affecting Peplink Balance_380. Latest disclosed: 2017-06-05. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-8837 | Critical | 9.8 | 2017-06-05 | Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_25… |
CVE-2017-8835 | Critical | 9.8 | 2017-06-05 | SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-buil… |
CVE-2017-8836 | High | 8.8 | 2017-06-05 | CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. Th… |
CVE-2017-8841 | High | 8.1 | 2017-06-05 | Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-… |
CVE-2017-8839 | Medium | 6.1 | 2017-06-05 | XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-b… |
CVE-2017-8838 | Medium | 6.1 | 2017-06-05 | XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-bui… |
CVE-2017-8840 | Medium | 5.3 | 2017-06-05 | Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_… |