Wireless 1410D Gateway Firmware Security Vulnerabilities
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.
8.8CVSS
8.5AI Score
0.001EPSS
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
8CVSS
6.3AI Score
0.001EPSS
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
8.8CVSS
8.7AI Score
0.001EPSS
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
8.8CVSS
8.5AI Score
0.001EPSS
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
8.8CVSS
8.5AI Score
0.001EPSS
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
8.8CVSS
8.6AI Score
0.001EPSS