S350i CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Microsemi Subscriptions

Filtered by product S350i Subscriptions

Search

Switch to Advanced Search (Beta)

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2014-5071	1 Microsemi	2 S350i, S350i Firmware	2024-11-21	9.8 Critical
SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username.
CVE-2014-5070	1 Microsemi	2 S350i, S350i Firmware	2024-11-21	8.8 High
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
CVE-2014-5069	1 Microsemi	2 S350i, S350i Firmware	2024-11-21	6.1 Medium
Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs.
CVE-2014-5068	1 Microsemi	2 S350i, S350i Firmware	2024-11-21	7.5 High
Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name.

Page 1 of 1.