44 matches found
Inim SmartLiving SmartLAN 操作系统命令注入漏洞
Inim SmartLiving SmartLAN is a series of network communication extension modules from the Italian company Inim. An operating system command injection vulnerability exists in Inim SmartLiving SmartLAN 6.x and earlier versions, which stems from an uncleared par parameter and could lead to a remote...
Inim SmartLiving SmartLAN/SI,Inim SmartLiving SmartLAN/G 信任管理问题漏洞
Inim SmartLiving SmartLAN/SI and Inim SmartLiving SmartLAN/G are both a series of network communication extension modules from Inim Italy. A trust management issue vulnerability exists in Inim SmartLiving SmartLAN/SI,Inim SmartLiving SmartLAN/G version 6.x and earlier, which stems from the presen...
Inim SmartLiving SmartLAN/SI和Inim SmartLiving SmartLAN/G 代码问题漏洞
Inim SmartLiving SmartLAN/SI and Inim SmartLiving SmartLAN/G are both a series of network communication extension modules from Inim Italy. A code issue vulnerability exists in Inim SmartLiving SmartLAN/SI and Inim SmartLiving SmartLAN/G versions 6.x and earlier, which stems from unvalidated input...
CVE-2019-25291
INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...
CVE-2019-25291 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials Vulnerability
INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...
CVE-2019-25291 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials Vulnerability
INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...
PT-2026-1683
Name of the Vulnerable Software and Affected Versions INIM Electronics Smartliving SmartLAN/G/SI versions 6.x and earlier Description The Smartliving SmartLAN/G/SI software contains hard-coded credentials within its Linux distribution image. These credentials cannot be altered through standard...
EUVD-2020-14768
Malware in sbrugna...
EUVD-2020-14761
Malware in sbrugna...
CVE-2020-22002
An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...
CVE-2020-21992
Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...
CVE-2020-21995
Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...
CVE-2020-21992
Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...
CVE-2020-22002
An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...
CVE-2020-21995
Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...
CVE-2020-21992
Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...
CVE-2020-21995
Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...
Hardcoded credentials
Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...
Server side request forgery (ssrf)
An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...
Command injection
Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...