Lucene search
+L

63 matches found

prion
prion
added 2018/08/17 3:29 p.m.23 views

Code injection

An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

6.5CVSS8.2AI score0.01331EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2018/08/17 3:29 p.m.21 views

CVE-2018-15360

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0...

7.5CVSS7.3AI score0.01602EPSS
Exploits0References1
nvd
nvd
added 2018/08/17 3:29 p.m.17 views

CVE-2018-15358

An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

8.8CVSS8.3AI score0.01331EPSS
Exploits0References1
prion
prion
added 2018/08/17 3:29 p.m.13 views

Default credentials

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0...

7.5CVSS7.3AI score0.01602EPSS
Exploits0References1Affected Software1
osv
osv
added 2018/08/17 3:29 p.m.5 views

CVE-2018-15358

An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

8.8CVSS5.8AI score0.01331EPSS
Exploits0References1
nvd
nvd
added 2018/08/17 3:29 p.m.21 views

CVE-2018-15359

An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

8.8CVSS8.6AI score0.01617EPSS
Exploits0References1
osv
osv
added 2018/08/17 3:29 p.m.5 views

CVE-2018-15360

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0...

7.3CVSS5.8AI score0.01602EPSS
Exploits0References1
osv
osv
added 2018/08/17 3:29 p.m.4 views

CVE-2018-15356

An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0...

8.8CVSS6AI score0.02517EPSS
Exploits0References1
prion
prion
added 2018/08/17 3:29 p.m.19 views

Code injection

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0...

4CVSS6.5AI score0.01104EPSS
Exploits0References1Affected Software1
osv
osv
added 2018/08/17 3:29 p.m.6 views

CVE-2018-15359

An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

8.8CVSS5.8AI score0.01617EPSS
Exploits0References1
cvelist
cvelist
added 2018/08/17 3:0 p.m.15 views

CVE-2018-15357

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0...

6.5AI score0.01104EPSS
Exploits0References1
cvelist
cvelist
added 2018/08/17 3:0 p.m.21 views

CVE-2018-15356

An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0...

8.9AI score0.02517EPSS
Exploits0References1
cve
cve
added 2018/08/17 3:0 p.m.40 views

CVE-2018-15358

Summary: CVE-2018-15358 affects the Eltex ESP-200 wireless router, specifically firmware version 1.2.0. An authenticated attacker with low privileges can activate a high-privilege user, expanding the attacker’s access surface. The issue is described as an elevation of privilege vulnerability affe...

8.8CVSS8.2AI score0.01331EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/08/17 3:0 p.m.46 views

CVE-2018-15356

CVE-2018-15356 affects Eltex ESP-200 firmware 1.2.0, where an authenticated attacker can execute arbitrary code via command ejection. The vulnerability is documented across multiple feeds (NVD, CNVD, CVE listing, PRION/PT-2018-12990) with an impact of remote code execution authenticated by creden...

8.8CVSS8.8AI score0.02517EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/08/17 3:0 p.m.49 views

CVE-2018-15359

The CVE affects Eltex ESP-200 firmware version 1.2.0. An authenticated attacker with low privileges can exploit an insecure sudo configuration to expand the attack surface. The issue is tied to how sudo is configured on the device, enabling elevated access or broader control than intended. Offici...

8.8CVSS8.4AI score0.01617EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/08/17 3:0 p.m.51 views

CVE-2018-15360

The CVE-2018-15360 vulnerability affects Eltex ESP-200 devices running firmware version 1.2.0. An unauthenticated attacker can log in using default credentials to obtain privileged access. Root cause: use of default credentials for privileged accounts. Impact: potential full control of the device...

7.5CVSS7.3AI score0.01602EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/08/17 3:0 p.m.20 views

CVE-2018-15360

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0...

7.3AI score0.01602EPSS
Exploits0References1
cve
cve
added 2018/08/17 3:0 p.m.45 views

CVE-2018-15357

Eltex ESP-200 may disclose password hashes. Affected product: ESP-200 firmware version 1.2.0. Vulnerability: authenticated user with low privileges can extract password hash information for all users (information disclosure). Root cause: information disclosure in firmware 1.2.0 is documented acro...

6.5CVSS6.4AI score0.01104EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/08/17 3:0 p.m.23 views

CVE-2018-15359

An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0...

8.6AI score0.01617EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2018/08/17 12:0 a.m.6 views

PT-2018-12993 · Eltex · Eltex Esp-200 +1

Name of the Vulnerable Software and Affected Versions: Eltex ESP-200 firmware version 1.2.0 Description: The issue allows an authenticated attacker with low privileges to expand the attack surface due to an insecure sudo configuration. Recommendations: For Eltex ESP-200 firmware version 1.2.0,...

8.8CVSS7.4AI score0.01617EPSS
Exploits0References2
Rows per page
Query Builder