Vulnerabilities (CVE)

Filtered by vendor Westermo Subscribe
Filtered by product Mr-260 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19614 1 Westermo 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers.
CVE-2018-19613 1 Westermo 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF.
CVE-2018-19612 1 Westermo 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more 2024-11-21 6.5 MEDIUM 8.8 HIGH
The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code.