Viloliving Vilo 5 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Viloliving Vilo 5 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-40084 — CVSS 9.6 (critical): A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute…
CVE-2024-40087 — CVSS 9.6 (critical): Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432…
CVE-2024-40089 — CVSS 9.1 (critical): A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, authenticated attackers to execute arbitrary code…
CVE-2024-40088 — CVSS 5.3 (medium): A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers…
CVE-2024-40091 — CVSS 5.3 (medium): Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows remote, unauthenticated attackers to retrieve…
CVE-2024-40090 — CVSS 4.3 (medium): Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote…