Oringnet Iap-420 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Oringnet Iap-420 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-55547 — CVSS 9.8 (critical): SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVE-2022-3203 — CVSS 9.8 (critical): On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to…
CVE-2024-5411 — CVSS 8.8 (high): Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command…
CVE-2024-55544 — CVSS 8.8 (high): Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420…
CVE-2024-55548 — CVSS 7.5 (high): Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVE-2024-55545 — CVSS 6.1 (medium): Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and…