MidnightBSD

Advisories for silextechnology

CVE-2018-6020 MEDIUM

In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
silextechnology geh-sd-320an_firmware *
silextechnology sx-500_firmware -
silextechnology sd-320an_firmware *
silextechnology geh-500_firmware *
CVE-2018-6021 MEDIUM

Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
silextechnology geh-sd-320an_firmware *
silextechnology sd-320an_firmware *