RSS   Vulnerabilities for 'Siris virtual firmware'   RSS

2018-02-20
 
CVE-2015-9256

CWE-200
 

 
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default.

 
 
CVE-2015-9255

CWE-200
 

 
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, software versions, configuration, and virtual machines via a request to a Web Virtual Directory.

 
 
CVE-2015-9254

CWE-798
 

 
Datto ALTO and SIRIS devices have a default VNC password.

 
 
CVE-2015-2081

CWE-20
 

 
Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts.

 

 >>> Vendor: Datto 10 Products
Backup agent
Windows agent
Alto 2 firmware
Alto 3 firmware
Alto imaged firmware
Alto xl firmware
Siris 2 firmware
Siris 3 firmware
Siris 3 x all-flash firmware
Siris virtual firmware


Copyright 2024, cxsecurity.com

 

Back to Top