RSS   Vulnerabilities for 'Esp-200 firmware'   RSS

2018-08-17
 
CVE-2018-15360

CWE-798
 

 
An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0.

 
 
CVE-2018-15359

CWE-noinfo
 

 
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.

 
 
CVE-2018-15358

 

 
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.

 
 
CVE-2018-15357

 

 
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.

 
 
CVE-2018-15356

CWE-77
 

 
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.

 


Copyright 2024, cxsecurity.com

 

Back to Top