Prolink Prc2402m
5 CVEs affecting Prolink Prc2402m. Latest disclosed: 2026-02-20. Critical: 4, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-35402 | Critical | 10.0 | 2026-02-20 | PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command injection via shell metacharacters in the ip parameter (for sate… |
CVE-2021-36707 | Critical | 9.8 | 2021-08-06 | In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial c… |
CVE-2021-36706 | Critical | 9.8 | 2021-08-06 | In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial comm… |
CVE-2021-36705 | Critical | 9.8 | 2021-08-06 | In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command… |
CVE-2021-36708 | High | 7.5 | 2021-08-06 | In ProLink PRC2402M V1.0.18 and older, the set_sys_init function in the login.cgi binary allows an attacker to reset the password to the administrative interfa… |