Vulnerabilities (CVE)

Filtered by vendor Comtechtel Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7244 1 Comtechtel 2 Stampede Fx-1010, Stampede Fx-1010 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-7243 1 Comtechtel 2 Stampede Fx-1010, Stampede Fx-1010 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-7242 1 Comtechtel 2 Stampede Fx-1010, Stampede Fx-1010 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-5179 1 Comtechtel 2 Stampede Fx-1010, Stampede Fx-1010 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2019-17667 1 Comtechtel 2 H8 Heights Remote Gateway, H8 Heights Remote Gateway Firmware 2024-11-21 3.5 LOW 5.4 MEDIUM
Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field.