Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:gryphon_tower_router:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductGryphon Tower Router (1c807738-713b-5562-a4ad-c8041c53ed97)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-20146 vulnerable 2026-06-08 05:29:08.589877 Details available
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services.
Published: 2021-12-09T15:21:34.000Z
Updated: 2024-08-03T17:30:07.621Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20145 vulnerable 2026-06-08 05:29:08.589290 Details available
Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, or otherwise attack victims' devices as though they were on an adjacent network.
Published: 2021-12-09T15:19:24.000Z
Updated: 2024-08-03T17:30:07.596Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20144 vulnerable 2026-06-08 05:29:08.588990 Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:19:18.000Z
Updated: 2024-08-03T17:30:07.446Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20143 vulnerable 2026-06-08 05:29:08.588598 Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:19:13.000Z
Updated: 2024-08-03T17:30:07.493Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20142 vulnerable 2026-06-08 05:29:08.588300 Details available
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.
Published: 2021-12-09T15:23:09.000Z
Updated: 2024-08-03T17:30:07.477Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20141 vulnerable 2026-06-08 05:29:08.588001 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20140 vulnerable 2026-06-08 05:29:08.587575 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20139 vulnerable 2026-06-08 05:29:08.587260 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20138 vulnerable 2026-06-08 05:29:08.586904 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20137 vulnerable 2026-06-08 05:29:08.584697 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.