Every CVE whose affected-product data names Ip-com Ew9 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-43367 — CVSS 9.8 (critical): IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function.
CVE-2022-45005 — CVSS 9.8 (critical): IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.
CVE-2022-43364 — CVSS 7.5 (high): An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change…
CVE-2022-43365 — CVSS 7.5 (high): IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows…
CVE-2022-43366 — CVSS 7.5 (high): IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version…