Enphase Iq Gateway Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Enphase Iq Gateway Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-21878 — CVSS 9.8 (critical): Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as…
CVE-2024-21876 — CVSS 9.1 (critical): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway…
CVE-2024-21879 — CVSS 8.8 (high): Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an…
CVE-2024-21880 — CVSS 7.2 (high): Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated…
CVE-2024-21877 — CVSS 6.5 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway…