comtech CVE Vulnerabilities & Metrics

Focus on comtech vulnerabilities and metrics.

Last updated: 16 Jan 2026, 23:25 UTC

About comtech Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with comtech. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total comtech CVEs: 6
Earliest CVE date: 17 Oct 2019, 11:15 UTC
Latest CVE date: 26 Dec 2025, 16:15 UTC

Latest CVE reference: CVE-2025-67015

Rolling Stats

30-day Count (Rolling): 1
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical comtech CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 6.58

Max CVSS: 9.0

Critical CVEs (≥9): 4

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	0
7.0-8.9	0
9.0-10.0	4

CVSS Distribution Chart

Top 5 Highest CVSS comtech CVEs

These are the five CVEs with the highest CVSS scores for comtech, sorted by severity first and recency.

CVE-2020-7244 comtech Published on 20 Jan 2020, 22:15 UTC (CVSS: 9.0)
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-7243 comtech Published on 20 Jan 2020, 22:15 UTC (CVSS: 9.0)
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-7242 comtech Published on 20 Jan 2020, 22:15 UTC (CVSS: 9.0)
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2020-5179 comtech Published on 02 Jan 2020, 14:16 UTC (CVSS: 9.0)
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
CVE-2019-17667 comtech Published on 17 Oct 2019, 11:15 UTC (CVSS: 3.5)
Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field.

All CVEs for comtech

CVE-2025-67015 comtech vulnerability CVSS: 0 26 Dec 2025, 16:15 UTC

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

CVE-2020-7244 comtech vulnerability CVSS: 9.0 20 Jan 2020, 22:15 UTC

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)

CVE-2020-7243 comtech vulnerability CVSS: 9.0 20 Jan 2020, 22:15 UTC

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)

CVE-2020-7242 comtech vulnerability CVSS: 9.0 20 Jan 2020, 22:15 UTC

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)

CVE-2020-5179 comtech vulnerability CVSS: 9.0 02 Jan 2020, 14:16 UTC

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)

CVE-2019-17667 comtech vulnerability CVSS: 3.5 17 Oct 2019, 11:15 UTC

Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field.