Vulnerabilities (CVE)

Filtered by vendor Meinbwa Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10250 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3.
CVE-2020-10249 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3.
CVE-2020-10248 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3.