Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ignitenet:helios_glinq:2.2.1:r2961:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-5783 |
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms. Published: September 23, 2020; 12:15:14 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2020-5782 |
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection. Published: September 23, 2020; 12:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2020-5781 |
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users. Published: September 23, 2020; 12:15:13 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |