sfewer-r7/LorexExploit
GitHub
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.7 MEDIUM | — | ||
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | |||
| 9.8 CRITICAL | — | ||
An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port 3500). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | |||
| 6.5 MEDIUM | — | ||
An unauthenticated attacker can perform an out of bounds heap read in the IQ Service (TCP port 9876). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | |||
| 5.3 MEDIUM | — | ||
An unauthenticated attacker can perform a null pointer dereference in the DHIP Service (UDP port 37810). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | |||
| 7.2 HIGH | — | ||
An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port 80). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | |||