RSS   Vulnerabilities for 'Jtc-200 firmware'   RSS

2017-10-12
 
CVE-2016-5791

 

 
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication.

 
 
CVE-2016-5789

 

 
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.

 


Copyright 2019, cxsecurity.com

 

Back to Top