Opengear : Security Vulnerabilities, CVEs, CVSS score >= 3
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system (connected to a serial port on an Opengear console server) sends crafted text to a serial port (that has logging enabled), the text will be replayed when the logs are viewed. Exploiting this vulnerability requires access to the serial port and/or console server.
Max CVSS
5.4
EPSS Score
0.06%
Published
2019-07-31
Updated
2019-08-07
Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.34%
Published
2011-11-09
Updated
2011-11-16
2 vulnerabilities found