Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14533 | 1 Intenogroup | 2 Iopsys, Iopsys Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp. | |||||
CVE-2018-10123 | 1 Intenogroup | 2 Iopsys, Iopsys Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100. | |||||
CVE-2017-17867 | 1 Intenogroup | 1 Iopsys | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration. |