Filtered by vendor Emerson Subscriptions
Filtered by product Wireless 1410d Gateway Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-42538 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2022-07-25 8.8 High
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
CVE-2021-42540 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-28 8.8 High
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
CVE-2021-42539 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 8.8 High
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
CVE-2021-42542 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 8.8 High
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
CVE-2021-42536 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 6.5 Medium
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
CVE-2021-38485 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 8.8 High
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.