EUVD-2015-8246

Malware in sbrugna...

EUVD-2016-3073

Malware in sbrugna...

CVE-2023-38523

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder...

PT-2023-26499 · Samsung · Samsung Harman Amx N-Series N3000 Video Encoder/Decoder +6

Name of the Vulnerable Software and Affected Versions: Samsung Harman AMX N-Series N1115 Wallplate Video Encoder versions prior to 1.15.61 Samsung Harman AMX N-Series N1x22A Video Encoder/Decoder versions prior to 1.15.61 Samsung Harman AMX N-Series N1x33A Video Encoder/Decoder versions prior to...

CVE-2023-38523

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder...

CVE-2023-38523

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder...

CVE-2019-11224

HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection...

Command injection

HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection...

CVE-2019-11224

HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection...

Unspecified vulnerability in Harman AMX (CNVD-2016-00786)

Harman AMX is a series of conversion controller products from Harman USA. A security vulnerability exists in the 'setUpSubtleUserAccount' function in the /bin/bw URI in versions of Harman AMX prior to 2015-10-12, which stems from the use of hard-coded passwords for BlackWidow accounts. A remote...

CVE-2016-1984

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2015-8362...

CVE-2015-8362

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2016-1984...

Hardcoded credentials

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2016-1984...

Hardcoded credentials

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2015-8362...

CVE-2016-1984

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2015-8362...

CVE-2016-1984

The CVE-2016-1984 issue concerns Harman AMX devices where the setUpSubtleUserAccount function in /bin/bw uses a hard-coded 1MB@tMaN password (and related 1.4.x hard-coded 1MB@tMaN on certain builds), enabling remote access via SSH or HTTP. Affected firmware lines include 1.4.65 through 1.4.72, wi...

CVE-2015-8362

CVE-2015-8362 affects Harman AMX devices (various NetLinx controllers, Massio MCP-10x, Enova DGX/DVX lines, NI/NX series, ME260/64, etc.) where the setUpSubtleUserAccount function in /bin/bw uses a hard-coded BlackWidow diagnostic account password. This creates remote-access risk via SSH or HTTP ...

Harman AMX multimedia devices contain hard-coded credentials

Overview Multiple models of Harman AMX multimedia devices contain a hard-coded debug account. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-8362According to the researchers' blog post, several models of Harman AMX multimedia devices contain a hard-coded "backdoor" account with...