Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-45228 | 1 Dragino | 2 Lg01 Lora, Lg01 Lora Firmware | 2024-02-28 | N/A | 3.5 LOW |
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page. | |||||
CVE-2022-45227 | 1 Dragino | 2 Lg01 Lora, Lg01 Lora Firmware | 2024-02-28 | N/A | 7.5 HIGH |
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication. |