Known Vulnerabilities for products from Evenroute

Listed below are 6 of the newest known vulnerabilities associated with the vendor "Evenroute".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Evenroute can be found at device.report : Evenroute

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-11968 ** DISPUTED ** In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access ... 7.5 - HIGH 2020-04-21 2023-11-07
CVE-2020-11967 ** DISPUTED ** In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) b... 9.8 - CRITICAL 2020-04-21 2023-11-07
CVE-2020-11966 ** DISPUTED ** In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change ... 9.8 - CRITICAL 2020-04-21 2023-11-07
CVE-2020-11965 ** DISPUTED ** In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote... 9.8 - CRITICAL 2020-04-21 2023-11-07
CVE-2020-11964 ** DISPUTED ** In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to chan... 7.5 - HIGH 2020-04-21 2023-11-07
CVE-2020-11963 ** DISPUTED ** IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel... 9.8 - CRITICAL 2020-04-21 2023-11-07

Known software with vulnerabilities from Evenroute

Type Vendor Product Version
HardwareEvenrouteIqrouter-
Operating
System		EvenrouteIqrouter Firmware3.3.1