Infiray Iray-a8z3 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Infiray Iray-a8z3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-31209 — CVSS 9.8 (critical): An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without…
CVE-2022-31210 — CVSS 9.8 (critical): An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded…
CVE-2022-31211 — CVSS 9.8 (critical): An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.
CVE-2022-31208 — CVSS 8.8 (high): An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by…