airties 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk cross-site scripting、vendor risk csrf, and バッファオーバーフロー に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact session compromise and アプリケーションクラッシュ などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-9477 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support. | [email protected] | 4.6 | 0.19% | 2024-11-13 | 2026-06-02 |
| CVE-2022-38789 | An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference. | [email protected] | 9.1 | 0.88% | 2022-09-15 | 2024-11-21 |
| CVE-2019-6967 | AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. | [email protected] | 8.8 | 13.50% | 2019-03-21 | 2024-11-21 |
| CVE-2018-17594 | AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 0.99% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17593 | AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 2.30% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17591 | AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 2.30% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17590 | AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 2.30% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17589 | AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 1.00% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17588 | AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 2.32% | 2018-10-02 | 2024-11-21 |
| CVE-2018-17587 | AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | [email protected] | 6.1 | 2.32% | 2018-10-02 | 2024-11-21 |
| CVE-2018-8738 | Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. | [email protected] | 6.1 | 2.27% | 2018-07-05 | 2024-11-21 |
| CVE-2015-4679 | Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account parameter to ddns.stm. | [email protected] | 4.3 | 1.47% | 2015-06-19 | 2026-05-06 |
| CVE-2015-2797 | Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login. | [email protected] | 10.0 | 77.60% | 2015-06-19 | 2026-05-06 |
| CVE-2014-100032 | Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter. | [email protected] | 4.3 | 1.43% | 2015-01-13 | 2026-05-06 |
| CVE-2012-0902 | AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader. | [email protected] | 5.0 | 2.95% | 2012-01-20 | 2026-04-29 |