Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Fatpipeinc Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27855 1 Fatpipeinc 4 Ipvpn, Ipvpn Firmware, Mpvpn Firmware and 1 more 2022-07-29 6.5 MEDIUM 8.8 HIGH
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA001.
CVE-2021-27857 1 Fatpipeinc 6 Ipvpn, Ipvpn Firmware, Mpvpn and 3 more 2021-12-21 4.3 MEDIUM 7.5 HIGH
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. The attacker needs to know or correctly guess the hostname of the target system since the hostname is used as part of the configuration archive file name. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA003.
CVE-2021-27859 1 Fatpipeinc 6 Ipvpn, Ipvpn Firmware, Mpvpn and 3 more 2021-12-21 6.5 MEDIUM 8.8 HIGH
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges. Older versions of FatPipe software may also be vulnerable. This does not appear to be a CSRF vulnerability. The FatPipe advisory identifier for this vulnerability is FPSA005.
CVE-2021-27860 1 Fatpipeinc 6 Ipvpn, Ipvpn Firmware, Mpvpn and 3 more 2021-12-15 9.3 HIGH 8.8 HIGH
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. The FatPipe advisory identifier for this vulnerability is FPSA006.