Planex CS-QR20 Firmware 1.30
Approved changes feed: RSS · Atom
cpe:2.3:o:planex:cs-qr20_firmware:1.30:*:*:*:*:*:*:*
part: o version: 1.30 update: *
| Vendor | Planex (5e3975f2-d872-5cc3-afda-5e2c5ec3d4e0) |
|---|---|
| Product | Cs Qr20 Firmware (4a331ff0-5834-5aa2-994a-73371179cab7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-12577 |
vulnerable | 2026-06-03 14:36:36.177182 |
Details available
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.
Published: 2018-08-24T19:00:00.000Z
Updated: 2024-08-05T18:43:56.016Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-12576 |
vulnerable | 2026-06-03 14:36:36.176237 |
Details available
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command.
Published: 2018-08-24T19:00:00.000Z
Updated: 2024-08-05T18:43:56.135Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.