Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mr2600_firmware
(Motorola)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-01-30 | CVE-2022-34885 | An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code. | Mr2600_firmware | 6.7 | ||
| 2024-01-26 | CVE-2024-23626 | A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. | Mr2600_firmware | 8.8 | ||
| 2024-01-26 | CVE-2024-23627 | A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. | Mr2600_firmware | 8.8 | ||
| 2024-01-26 | CVE-2024-23628 | A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. | Mr2600_firmware | 8.8 | ||
| 2024-01-26 | CVE-2024-23629 | An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information. | Mr2600_firmware | 7.5 | ||
| 2024-01-26 | CVE-2024-23630 | An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed. | Mr2600_firmware | 8.8 |