Nokia G-040W-Q Firmware G040WQR201207
Approved changes feed: RSS · Atom
cpe:2.3:o:nokia:g-040w-q_firmware:g040wqr201207:*:*:*:*:*:*:*
part: o version: g040wqr201207 update: *
| Vendor | Nokia (817976ae-06c5-5680-b3fe-e55f44d8308a) |
|---|---|
| Product | G 040W Q Firmware (b0072ea1-13ac-5ea3-bf25-67916364fb99) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-41355 |
vulnerable | 2026-06-03 14:52:51.664376 |
Chunghwa Telecom NOKIA G-040W-Q - Improper Input Validation
CRITICAL (9.8)
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.
Published: 2023-11-03T05:55:07.221Z
Updated: 2024-10-14T04:02:18.834Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41354 |
vulnerable | 2026-06-03 14:52:51.663991 |
Chunghwa Telecom NOKIA G-040W-Q - Exposure of Sensitive Information
MEDIUM (4)
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.
Published: 2023-11-03T05:52:33.724Z
Updated: 2024-09-05T14:33:15.250Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41353 |
vulnerable | 2026-06-03 14:52:51.663550 |
Chunghwa Telecom NOKIA G-040W-Q - Weak Password Requirements
HIGH (8.8)
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service.
Published: 2023-11-03T05:48:22.031Z
Updated: 2024-09-06T19:54:18.201Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41352 |
vulnerable | 2026-06-03 14:52:51.663122 |
Chunghwa Telecom NOKIA G-040W-Q - Command Injection
HIGH (7.2)
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.
Published: 2023-11-03T05:44:39.924Z
Updated: 2024-09-06T19:55:40.699Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41351 |
vulnerable | 2026-06-03 14:52:51.662674 |
Chunghwa Telecom NOKIA G-040W-Q - Broken Access Control
CRITICAL (9.8)
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL. This makes it possible for unauthenticated remote attackers to log in as any existing users, such as an administrator, to perform arbitrary system operations or disrupt service.
Published: 2023-11-03T05:41:26.852Z
Updated: 2024-09-04T20:10:05.622Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41350 |
vulnerable | 2026-06-03 14:52:51.659102 |
Chunghwa Telecom NOKIA G-040W-Q - Excessive Authentication Attempts
HIGH (7.5)
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authentication attempts. An unauthenticated remote attacker can execute a crafted Javascript to expose captcha in page, making it very easy for bots to bypass the captcha check and more susceptible to brute force attacks.
Published: 2023-11-03T04:44:04.122Z
Updated: 2024-09-06T19:56:30.968Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.