Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xgw_3000_zigbee_gateway_firmware
(Miele)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-24 | CVE-2019-20481 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480. | Xgw_3000_zigbee_gateway_firmware | N/A | ||
| 2020-02-24 | CVE-2019-20480 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection. | Xgw_3000_zigbee_gateway_firmware | N/A |