Browse all 8 CVE security advisories affecting ORing. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ORing specializes in industrial networking solutions, focusing on edge routers and communication gateways for critical infrastructure. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. Security researchers have identified multiple authentication bypass vulnerabilities and insecure firmware update mechanisms in ORing devices. While no major public security incidents have been widely reported, the accumulation of 8 CVEs indicates persistent security challenges in their product line, particularly in web interfaces and remote management features.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-55548 | Denial of Service — IAP-420CWE-703 | 7.5 | - | 2024-12-10 |
| CVE-2024-55547 | Remote Command Execution via SNMP — IAP-420CWE-77 | 9.8 | - | 2024-12-10 |
| CVE-2024-55546 | Stored Cross-Site Scripting — IAP-420CWE-79 | 5.4 | - | 2024-12-10 |
| CVE-2024-55545 | Reflected Cross-Site Scripting — IAP-420CWE-79 | 6.1 | - | 2024-12-10 |
| CVE-2024-55544 | Authenticated Command Injection — IAP-420CWE-77 | 5.4 | - | 2024-12-10 |
| CVE-2024-5411 | Command Injection — IAP-420CWE-78 | 8.8AI | HighAI | 2024-05-28 |
| CVE-2024-5410 | Stored Cross-Site Scripting — IAP-420CWE-79 | 5.4AI | MediumAI | 2024-05-28 |
This page lists every published CVE security advisory associated with ORing. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.