MidnightBSD

Advisories for nexcom

CVE-2020-25151 MEDIUM

The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
nexcom nio_50_firmware *
CVE-2020-25155 MEDIUM

The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
nexcom nio_50_firmware *