Vulnerabilities (CVE)

Filtered by vendor Comtrend Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10173 1 Comtrend 2 Vr-3033, Vr-3033 Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi.
CVE-2018-8062 1 Comtrend 2 Ar-5387un, Ar-5387un Firmware 2024-11-21 3.5 LOW 5.4 MEDIUM
A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service.
CVE-2018-20388 1 Comtrend 4 Cm-6200un, Cm-6200un Firmware, Cm-6300n and 1 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
CVE-2010-0470 1 Comtrend 1 Ct-507it Adsl Router 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter.