Filtered by vendor Kratosdefense
Subscriptions
Filtered by product Ngc Indoor Unit Firmware
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-36670 | 1 Kratosdefense | 2 Ngc Indoor Unit, Ngc Indoor Unit Firmware | 2024-11-21 | 9.8 Critical |
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device. | ||||
CVE-2023-36669 | 1 Kratosdefense | 2 Ngc Indoor Unit, Ngc Indoor Unit Firmware | 2024-11-21 | 9.8 Critical |
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU. |
Page 1 of 1.