G5 Digital Fault Recorder CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-22078	2 Elspec, Elspec-ltd	3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware	2025-04-16	8.8 High
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges.
CVE-2024-22084	2 Elspec, Elspec-ltd	3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware	2025-04-16	7.5 High
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files.
CVE-2024-22081	2 Elspec, Elspec-ltd	3 G5 Digital Fault Recorder, G5dfr, G5dfr Firmware	2025-04-16	9.8 Critical
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism.

Page 1 of 1.