Filtered by vendor Elspec
Subscriptions
Filtered by product G5 Digital Fault Recorder
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59392 | 2 Elspec, Elspec-ltd | 3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware | 2026-02-04 | 6.8 Medium |
| On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive (containing a publicly documented reset string) into a USB port. | ||||
| CVE-2024-22078 | 2 Elspec, Elspec-ltd | 3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware | 2025-04-16 | 8.8 High |
| An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges. | ||||
| CVE-2024-22084 | 2 Elspec, Elspec-ltd | 3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware | 2025-04-16 | 7.5 High |
| An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files. | ||||
| CVE-2024-22081 | 2 Elspec, Elspec-ltd | 3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware | 2025-04-16 | 9.8 Critical |
| An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism. | ||||
Page 1 of 1.