Known Vulnerabilities for products from Phicomm
Listed below are 18 of the newest known vulnerabilities associated with the vendor "Phicomm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40796 | Phicomm k2 v22.6.529.216 is vulnerable to command injection. | 7.8 - HIGH | 2023-08-25 | 2023-08-31 |
| CVE-2022-48073 | Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext. | 7.5 - HIGH | 2023-01-27 | 2023-07-05 |
| CVE-2022-48072 | Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automa... | 7.8 - HIGH | 2023-01-27 | 2023-02-04 |
| CVE-2022-48071 | Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. | 7.5 - HIGH | 2023-01-27 | 2023-02-04 |
| CVE-2022-48070 | Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the auto... | 7.8 - HIGH | 2023-01-27 | 2023-02-04 |
| CVE-2022-37780 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command executio... | 7.2 - HIGH | 2022-09-07 | 2022-09-12 |
| CVE-2022-37779 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command executio... | 7.2 - HIGH | 2022-09-08 | 2022-09-12 |
| CVE-2022-37778 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command executio... | 7.2 - HIGH | 2022-09-08 | 2022-09-12 |
| CVE-2022-37777 | Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote comma... | 7.2 - HIGH | 2022-09-08 | 2022-09-12 |
| CVE-2022-27373 | Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution... | 8.8 - HIGH | 2022-07-19 | 2023-08-08 |
| CVE-2022-25219 | A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of eph... | 8.4 - HIGH | 2022-03-10 | 2023-08-08 |
| CVE-2022-25218 | The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacke... | 8.1 - HIGH | 2022-03-10 | 2023-08-08 |
| CVE-2022-25217 | Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obt... | 7.8 - HIGH | 2022-03-10 | 2022-03-17 |
| CVE-2022-25215 | Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) clie... | 5.3 - MEDIUM | 2022-03-10 | 2023-08-08 |
| CVE-2022-25214 | Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive in... | 7.4 - HIGH | 2022-03-10 | 2023-08-08 |
| CVE-2022-25213 | Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to... | 6.8 - MEDIUM | 2022-03-10 | 2023-08-08 |
| CVE-2019-19117 | /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated use... | 8.8 - HIGH | 2019-11-18 | 2020-08-24 |
| CVE-2017-11495 | PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecifie... | 9.8 - CRITICAL | 2017-07-20 | 2017-08-15 |
Known software with vulnerabilities from Phicomm
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Phicomm | K2psg1218 Firmware | 22.5.9.163 |