Lucene search
PRIOn knowledge basePRION:CVE-2018-20220HistoryMar 21, 2019 - 4:00 p.m.
Authentication flaw
2019-03-2116:00:00
PRIOn knowledge base
www.prio-n.com
1
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before being authenticated, and some of these pages may disclose sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| enc-400_hdmi2_firmware | le | 2.56 | |
| enc-400_hdmi_firmware | le | 2.56 | |
| enc-400_hdsdi_firmware | le | 2.56 |
Related
cve
cve
CVE-2018-20220
2019-03-21 16:00:35
nvd
nvd
CVE-2018-20220
2019-03-21 16:00:35
cvelist
cvelist
CVE-2018-20220
2019-03-17 20:51:20
zdt
zdt
Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities
2019-02-21 00:00:00
packetstorm
packetstorm
Teracue ENC-400 Command Injection / Missing Authentication
2019-02-20 00:00:00
exploitpack
exploitpack
Teracue ENC-400 - Command Injection Missing Authentication
2019-02-22 00:00:00
exploitdb
exploitdb
Teracue ENC-400 - Command Injection / Missing Authentication
2019-02-22 00:00:00