Every CVE whose affected-product data names Ewon Ewon Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2015-7926 — CVSS 9.9 (critical): eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain…
CVE-2015-7924 — CVSS 8.8 (high): eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes…
CVE-2015-7928 — CVSS 8.5 (high): eWON devices with firmware before 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote…
CVE-2015-7925 — CVSS 8.0 (high): Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the…
CVE-2015-7927 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to inject arbitrary web…
CVE-2015-7929 — CVSS 4.3 (medium): eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive…