MidnightBSD

Advisories for seowonintech

CVE-2013-7179 HIGH

The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC-9100 routers allows remote attackers to execute arbitrary commands via shell metacharacters in the ping_ipaddr parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
seowonintech swc-9100 -
CVE-2013-7183 HIGH

cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to (1) cause a denial of service (reboot) via a default_reboot action or (2) reset all configuration values via a factory_default action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
seowonintech swc-9100 -
CVE-2016-10760 HIGH

On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell metacharacters in the ping_ipaddr parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
seowonintech swr-300a_firmware -
seowonintech swr-300bg_firmware -
seowonintech swr-300c_firmware -
seowonintech swr-300b_firmware -
CVE-2020-17456 HIGH

SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
seowonintech slc-130_firmware -
seowonintech slr-120s42g_firmware *
seowonintech slr-120t42g_firmware *
seowonintech slr-120d42g_firmware *
seowonintech slr-120s_firmware -
CVE-2021-42230 HIGH

Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
seowonintech 130-slc_firmware *
CVE-2023-27826

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function.

Products Affected

Vendor Product Version
seowonintech swc-5100w_firmware 1.9.9.4
seowonintech swc-5100w_firmware 1.11.0.1