CVE-2017-13664

2017-12-0117:00:00

mitre

www.cve.org

9.8 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.6%

JSON

Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file.

References

poppopretn.com/2017/11/30/public-disclosure-firmware-vulnerabilities-in-ismartalarm-cubeone/