Vulnerabilities (CVE)

Filtered by vendor Dragino Subscribe
Filtered by product Lg01 Lora Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45228 1 Dragino 2 Lg01 Lora, Lg01 Lora Firmware 2024-02-28 N/A 3.5 LOW
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page.
CVE-2022-45227 1 Dragino 2 Lg01 Lora, Lg01 Lora Firmware 2024-02-28 N/A 7.5 HIGH
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication.