Motorola PTP 250 Wireless Bridge

Platform Information https://www.cnet.com/products/motorola-ptp-200-series-250-wireless-bridge/
Search Engine Search on Google
End of Sales -
End of Support -
Wired Connection -
Wireless Connection Yes
Fingerprinting Source HTTP NIC VENDOR
Added at Mar 12, 2019
Manufacturer Name Motorola, Inc.
Homepage https://en.wikipedia.org/wiki/Motorola
Headquarters United States of America
Business Status Ongoing
Acquisition Company Lenovo more info
Acquisition Company Homepage http://www3.lenovo.com/us/en/

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2019-11322
04/18/2019
CRITICAL
HIGH
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
CVE-2019-11321
04/18/2019
MEDIUM
MEDIUM
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
CVE-2019-11320
04/18/2019
CRITICAL
HIGH
In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.
CVE-2019-11319
04/18/2019
CRITICAL
HIGH
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
CVE-2019-9121
03/07/2019
CRITICAL
HIGH
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetSmartQoSSettings API function, as demonstrated by shell metacharacters in the smartqos_priority_devices field.