Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Unibox_u1000_firmware
(Indionetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-09 | CVE-2020-21883 | Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover. | Unibox_u1000_firmware, Unibox_u2500_firmware, Unibox_u5000_firmware, Unibox_u500_firmware, Unibox_u50_firmware | 8.8 | ||
| 2021-04-09 | CVE-2020-21884 | Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device. | Unibox_u1000_firmware, Unibox_u2500_firmware, Unibox_u5000_firmware, Unibox_u500_firmware, Unibox_u50_firmware | 8.8 |