Latest Motorola Vulnerabilities

CVE-2024-23630
Motorola MR2600 Arbitrary Firmware Upload Vulnerability
Motorola Mr2600 Firmware
Motorola MR2600
CVE-2024-23629
Motorola MR2600 Authentication Bypass Vulnerability
Motorola Mr2600 Firmware
Motorola MR2600
CVE-2024-23628
Motorola MR2600 SaveStaticRouteIPv6Params Command Injection Vulnerability
Motorola Mr2600 Firmware
Motorola MR2600
CVE-2024-23627
Motorola MR2600 SaveStaticRouteIPv4Params Command Injection Vulnerability
Motorola Mr2600 Firmware
Motorola MR2600
CVE-2024-23626
Motorola MR2600 SaveSysLogParams Command Injection Vulnerability
Motorola Mr2600 Firmware
Motorola MR2600
CVE-2022-3681
A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allo...
Motorola MR2600<=1.0.18
Motorola MR2600
CVE-2022-27813
Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to en...
Motorola Mtm5500 Firmware
Motorola Mtm5500
Motorola Mtm5400 Firmware
Motorola Mtm5400
CVE-2022-26943
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the p...
Motorola Mtm5500 Firmware
Motorola Mtm5500
Motorola Mtm5400 Firmware
Motorola Mtm5400
CVE-2022-26941
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anythin...
Motorola Mtm5500 Firmware
Motorola Mtm5500
Motorola Mtm5400 Firmware
Motorola Mtm5400
CVE-2022-26942
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the o...
Motorola Mtm5500 Firmware
Motorola Mtm5500
Motorola Mtm5400 Firmware
Motorola Mtm5400
CVE-2022-3407
I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's mod...
Motorola Smartphone Firmware<2022-11-01
CVE-2023-23772
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenti...
Motorola Mbts Site Controller Firmware=r05.32.58
Motorola MBTS Site Controller
CVE-2023-23773
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attack...
Motorola Ebts Base Radio Firmware=r05.x2.57
Motorola Ebts Base Radio
Motorola Mbts Base Radio Firmware=r05.x2.57
Motorola MBTS Base Radio
CVE-2023-23774
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception....
Motorola Ebts Site Controller Firmware
Motorola Ebts Site Controller
Motorola Mbts Site Controller Firmware
Motorola MBTS Site Controller
CVE-2023-23771
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts ...
Motorola Mbts Base Radio Firmware=r05.x2.57
Motorola MBTS Base Radio
CVE-2023-23770
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device...
Motorola Mbts Site Controller Firmware=r05.32.58
Motorola MBTS Site Controller
CVE-2023-31529
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter.
Motorola Cx2l Firmware=1.0.1
Motorola CX2L
CVE-2023-31530
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter.
Motorola Cx2l Firmware=1.0.1
Motorola CX2L
CVE-2023-31528
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter.
Motorola Cx2l Firmware=1.0.1
Motorola CX2L
CVE-2023-31531
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter.
Motorola Cx2l Firmware=1.0.1
Motorola CX2L
CVE-2022-34885
An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code.
Motorola Mr2600 Firmware<1.0.18
Motorola MR2600
CVE-2022-3917
Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data.
Motorola Moto E20 Firmware<rons31.267-38-8
Motorola Moto E20
CVE-2022-30271
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. ...
Motorola Ace1000 Firmware
Motorola ACE1000
Motorola Ace1000 Firmware
Motorola ACE1000
CVE-2022-30269
Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In th...
Motorola Ace1000 Firmware
Motorola ACE1000
CVE-2022-30274
The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are...
Motorola Ace1000 Firmware
Motorola ACE1000
CVE-2022-30270
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations tha...
Motorola Ace1000 Firmware
Motorola ACE1000
CVE-2022-30276
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MD...
Motorola Moscad Ip Gateway Firmware
Motorola Moscad Ip Gateway
Motorola Ace Ip Gateway \(4600\) Firmware
Motorola Ace Ip Gateway \(4600\)
Motorola Moscad Ip Gateway Firmware
Motorola Moscad Ip Gateway
and 2 more
CVE-2022-30272
The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy C...
Motorola Ace1000 Firmware
Motorola ACE1000
Motorola Ace1000 Firmware
Motorola ACE1000
CVE-2021-3898
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being acces...
Motorola Device Help Android<2021-04-08
Motorola Ready For<2021-04-08
CVE-2021-38701
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3...
Motorola T008 Firmware<2.2.0.86
Motorola T008
Motorola T100 Firmware<2.6.0.180
Motorola T100
Motorola T101 Firmware<2.6.0.180
Motorola T101
and 14 more
CVE-2021-3458
The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.
Motorola Mm1000 Firmware
Motorola MM1000
CVE-2021-3459
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the ad...
Motorola Mm1000 Firmware
Motorola MM1000
CVE-2020-21933
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.
Motorola Cx2 Firmware=1.0.2
Motorola CX2
CVE-2020-21934
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
Motorola Cx2 Firmware=1.0.2
Motorola CX2
CVE-2020-21937
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
Motorola Cx2 Firmware=1.0.2-build_20190508
Motorola CX2
CVE-2020-21932
A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.
Motorola Cx2 Firmware=1.0.2
Motorola CX2
CVE-2021-3460
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being ...
Motorola Mh702x Firmware<2.0.0.301
Motorola MH702x
CVE-2020-10874
Motorola FX9500 devices allow remote attackers to read database files.
Motorola Fx9500-41324d41-us Firmware
Motorola Fx9500-41324d41-us
Motorola Fx9500-41324d41-ww Firmware
Motorola Fx9500-41324d41-ww
Motorola Fx9500-81324d41-us Firmware
Motorola Fx9500-81324d41-us
and 2 more
CVE-2019-16257
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or exe...
Motorola Motorola Firmware
Motorola Motorola
CVE-2019-15513
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking...
OpenWrt libuci
Motorola Cx2l Mwr04l Firmware=1.01
Motorola CX2L MWR04L
Motorola C1 Mwr03 Firmware=1.01
Motorola C1 Mwr03
CVE-2019-13129
On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handlin...
Motorola Cx2l Mwr04l Firmware=1.01
Motorola CX2L MWR04L
CVE-2019-12297
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.
Motorola Cx2 Firmware=1.01
Motorola CX2
Motorola M2 Firmware=1.01
Motorola M2
CVE-2019-11321
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC address...
Motorola Cx2 Firmware=1.01
Motorola CX2
Motorola M2 Firmware=1.01
Motorola M2
CVE-2019-11320
In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.
Motorola Cx2 Firmware=1.01
Motorola CX2
Motorola M2 Firmware=1.01
Motorola M2
CVE-2019-11322
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON v...
Motorola Cx2 Firmware=1.01
Motorola CX2
Motorola M2 Firmware=1.01
Motorola M2
CVE-2019-11319
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON...
Motorola Cx2 Firmware=1.01
Motorola CX2
Motorola M2 Firmware=1.01
Motorola M2
CVE-2019-9121
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root s...
Motorola M2 Firmware=1.07
Motorola M2
Motorola C1 Firmware=1.01
Motorola C1
CVE-2019-9119
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root s...
Motorola M2 Firmware=1.07
Motorola M2
Motorola C1 Firmware=1.01
Motorola C1
CVE-2019-9120
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root s...
Motorola M2 Firmware=1.07
Motorola M2
Motorola C1 Firmware=1.01
Motorola C1
CVE-2019-9118
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root s...
Motorola M2 Firmware=1.07
Motorola M2
Motorola C1 Firmware=1.01
Motorola C1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203