AirtiesCVEs & Vulnerabilities

15 CVEs affecting Airties products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

air 5453 2air 5021 2air 5341 2air 5442 2air 5750 2air 6372 2air 4450 1air4443 firmware 1
CVE-2024-9477MEDIUM

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support.

13 Nov 2024
6.1
CVSS
CVE-2022-38789CRITICAL

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.

15 Sep 2022
9.1
CVSS
CVE-2019-6967HIGHpoc

AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.

21 Mar 2019
8.8
CVSS
CVE-2018-17594MEDIUM

AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17593MEDIUMpoc

AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17591MEDIUMpoc

AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17590MEDIUMpoc

AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17589MEDIUM

AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17588MEDIUMpoc

AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-17587MEDIUMpoc

AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

2 Oct 2018
6.1
CVSS
CVE-2018-8738MEDIUMpoc

Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.

5 Jul 2018
6.1
CVSS
CVE-2015-4679MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account parameter to ddns.stm.

19 Jun 2015
4.3
CVSS
CVE-2015-2797CRITICALpoc

Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.

19 Jun 2015
10.0
CVSS
CVE-2014-100032MEDIUM

Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter.

13 Jan 2015
4.3
CVSS
CVE-2012-0902MEDIUMpoc

AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader.

20 Jan 2012
5.0
CVSS
← PrevPage 1 / 1Next →