Known Vulnerabilities for Smart Box Firmware by Beeline
Listed below are 3 of the newest known vulnerabilities associated with "Smart Box Firmware" by "Beeline".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-41427 | Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting (XSS) via the choose_mac parameter to setup.cgi. | 6.1 - MEDIUM | 2021-11-10 | 2021-11-12 |
| CVE-2021-41426 | Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery (CSRF) via mgt_end_user.htm. | 8.8 - HIGH | 2021-11-10 | 2021-11-12 |
| CVE-2020-12246 | Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipadd... | 8.8 - HIGH | 2020-04-29 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Beeline | Smart Box Firmware | 2.0.38 | All | All | All |