MidnightBSD

Advisories for airties

CVE-2012-0902 MEDIUM

AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
airties air_4450 1.1.2.18
CVE-2014-100032 MEDIUM

Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_6372 *
CVE-2015-2797 HIGH

Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
airties air_firmware *
CVE-2015-4679 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account parameter to ddns.stm.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties rt-210_firmware *
CVE-2018-17587 MEDIUM

AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5750_firmware 1.0.0.18
CVE-2018-17588 MEDIUM

AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5021_firmware 1.0.0.18
CVE-2018-17589 MEDIUM

AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5650_firmware 1.0.0.18
CVE-2018-17590 MEDIUM

AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5442_firmware 1.0.0.18
CVE-2018-17591 MEDIUM

AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5343v2_firmware 1.0.0.18
CVE-2018-17593 MEDIUM

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5453_firmware 1.0.0.18
CVE-2018-17594 MEDIUM

AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties air_5443v2_firmware 1.0.0.18
CVE-2018-8738 MEDIUM

Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
airties 5444tt_firmware 1.0.0.18
airties 5444_firmware 1.0.0.18
CVE-2019-6967 MEDIUM

AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
airties air_5341_firmware 1.0.0.12
CVE-2022-38789

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
airties air_4971_firmware *
airties air_4920_firmware *
airties air_4921_firmware *