Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xgw_3000_zigbee_gateway_firmware
(Miele)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-02-24 | CVE-2019-20481 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480. | Xgw_3000_zigbee_gateway_firmware | N/A | ||
2020-02-24 | CVE-2019-20480 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection. | Xgw_3000_zigbee_gateway_firmware | N/A |