Gryphon Tower Router
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:gryphon_tower_router:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Gryphon Tower Router (1c807738-713b-5562-a4ad-c8041c53ed97) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-20146 |
vulnerable | 2026-06-08 05:29:08.589877 |
Details available
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services.
Published: 2021-12-09T15:21:34.000Z
Updated: 2024-08-03T17:30:07.621Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20145 |
vulnerable | 2026-06-08 05:29:08.589290 |
Details available
Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, or otherwise attack victims' devices as though they were on an adjacent network.
Published: 2021-12-09T15:19:24.000Z
Updated: 2024-08-03T17:30:07.596Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20144 |
vulnerable | 2026-06-08 05:29:08.588990 |
Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:19:18.000Z
Updated: 2024-08-03T17:30:07.446Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20143 |
vulnerable | 2026-06-08 05:29:08.588598 |
Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:19:13.000Z
Updated: 2024-08-03T17:30:07.493Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20142 |
vulnerable | 2026-06-08 05:29:08.588300 |
Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:23:09.000Z
Updated: 2024-08-03T17:30:07.477Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20141 |
vulnerable | 2026-06-08 05:29:08.588001 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20140 |
vulnerable | 2026-06-08 05:29:08.587575 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20139 |
vulnerable | 2026-06-08 05:29:08.587260 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20138 |
vulnerable | 2026-06-08 05:29:08.586904 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20137 |
vulnerable | 2026-06-08 05:29:08.584697 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.