oringnet CVE Vulnerabilities & Metrics

Focus on oringnet vulnerabilities and metrics.

Last updated: 25 Nov 2025, 23:25 UTC

About oringnet Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with oringnet. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total oringnet CVEs: 6
Earliest CVE date: 21 Oct 2022, 13:15 UTC
Latest CVE date: 10 Dec 2024, 17:15 UTC

Latest CVE reference: CVE-2024-55548

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 5

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical oringnet CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	6
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS oringnet CVEs

These are the five CVEs with the highest CVSS scores for oringnet, sorted by severity first and recency.

CVE-2024-55548 oringnet Published on 10 Dec 2024, 17:15 UTC (CVSS: 0)
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVE-2024-55547 oringnet Published on 10 Dec 2024, 17:15 UTC (CVSS: 0)
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVE-2024-55546 oringnet Published on 10 Dec 2024, 17:15 UTC (CVSS: 0)
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-55545 oringnet Published on 10 Dec 2024, 17:15 UTC (CVSS: 0)
Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-55544 oringnet Published on 10 Dec 2024, 16:15 UTC (CVSS: 0)
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.

All CVEs for oringnet

CVE-2024-55548 oringnet vulnerability CVSS: 0 10 Dec 2024, 17:15 UTC

Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.

CVE-2024-55547 oringnet vulnerability CVSS: 0 10 Dec 2024, 17:15 UTC

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.

CVE-2024-55546 oringnet vulnerability CVSS: 0 10 Dec 2024, 17:15 UTC

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.

CVE-2024-55545 oringnet vulnerability CVSS: 0 10 Dec 2024, 17:15 UTC

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.

CVE-2024-55544 oringnet vulnerability CVSS: 0 10 Dec 2024, 16:15 UTC

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.

CVE-2022-3203 oringnet vulnerability CVSS: 0 21 Oct 2022, 13:15 UTC

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.