MidnightBSD

Advisories for kraftway

CVE-2018-15350 HIGH

Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1188,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware *
CVE-2018-15351 HIGH

Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware *
CVE-2018-15352 MEDIUM

An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware 3.5.30.1118
CVE-2018-15353 HIGH

A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware *
CVE-2018-15354 MEDIUM

A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware *
CVE-2018-15355 MEDIUM

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
kraftway 24f2xg_router_firmware *