Filtered by vendor Actiontec
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12789 | 1 Actiontec | 2 T2200h, T2200h Firmware | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the attacker can mount the filesystem read-write and make permanent modifications to the device including bricking of the device, disabling vendor management of the device, preventing automatic upgrades, and permanently installing malicious code on the device. | |||||
| CVE-2013-3097 | 1 Actiontec | 2 Mi424wr-gen3i, Mi424wr-gen3i Firmware | 2019-11-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. | |||||
| CVE-2018-19922 | 1 Actiontec | 2 C1000a, C1000a Firmware | 2019-02-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd' URL parameter in a /urlfilter.cmd POST request. | |||||