Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25215 | 1 Phicomm | 10 K2, K2 Firmware, K2g and 7 more | 2023-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself. | |||||
| CVE-2022-25213 | 1 Phicomm | 10 K2, K2 Firmware, K2g and 7 more | 2023-08-08 | 7.2 HIGH | 6.8 MEDIUM |
| Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell. | |||||