Emerson Wireless 1420 Gateway Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Emerson Wireless 1420 Gateway Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2020-12030 — CVSS 10.0 (critical): There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables…
CVE-2020-19417 — CVSS 8.8 (high): Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative…
CVE-2021-38485 — CVSS 8.0 (high): The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config…
CVE-2021-42536 — CVSS 8.0 (high): The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
CVE-2021-42538 — CVSS 8.0 (high): The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
CVE-2021-42539 — CVSS 8.0 (high): The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and…
CVE-2021-42540 — CVSS 8.0 (high): The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic…
CVE-2021-42542 — CVSS 8.0 (high): The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.