Lucene search
K

44 matches found

Cvelist
Cvelist
added 2021/04/29 2:22 p.m.43 views

CVE-2020-22002

An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...

7.6AI score0.01352EPSS
Exploits1References2
CVE
CVE
added 2021/04/29 2:22 p.m.60 views

CVE-2020-22002

CVE-2020-22002 – Inim Electronics SmartLiving SmartLAN/G/SI (<=6.x) suffers an unauthenticated SSRF in GetImage where the application uses user-supplied GET parameter host to construct an image request via onvif.cgi without validating the value. The root cause is lack of input validation on ho...

7.5CVSS7.5AI score0.01352EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/04/29 2:10 p.m.26 views

CVE-2020-21995

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

9.7AI score0.02023EPSS
Exploits0References2
CVE
CVE
added 2021/04/29 2:10 p.m.46 views

CVE-2020-21995

CVE-2020-21995 affects INIM Electronics SmartLiving SmartLAN/G/SI devices (affected <= 6.x). Root cause is hard-coded credentials embedded in the Linux distribution image, enabling an attacker to access Telnet, SSH, and FTP. Affected models include SmartLiving 505, 515, 1050/1050/G3, 10100L/10...

9.8CVSS9.5AI score0.02023EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/04/29 2:4 p.m.35 views

CVE-2020-21992

Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...

9.2AI score0.05212EPSS
Exploits1References1
CVE
CVE
added 2021/04/29 2:4 p.m.50 views

CVE-2020-21992

Inim Electronics SmartLiving SmartLAN/G/SI <= 6.x (ARM, 32-bit) contains an authenticated remote command injection vulnerability. The issue arises because the par POST parameter is not sanitized when the testemail module is invoked via web.cgi; the vulnerable binary uses system() to run sh to ...

9CVSS9.1AI score0.05212EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.6 views

INIM ELECTRONICS SmartLiving System 代码问题漏洞

INIM ELECTRONICS SmartLiving System is an application of the Italian company INIM ELECTRONICS. A SmartLiving System. A security vulnerability exists in INIM ELECTRONICS SmartLiving System, which stems from a lack of validation of parameters, and can be exploited by an attacker to specify an...

7.5CVSS7.5AI score0.01352EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.3 views

INIM ELECTRONICS SmartLiving System 信任管理问题漏洞

INIM ELECTRONICS SmartLiving System is an application of the Italian company INIM ELECTRONICS. A SmartLiving System. A security vulnerability exists in INIM ELECTRONICS SmartLiving System that stems from the use of default hard-coded credentials...

9.8CVSS8.3AI score0.02023EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/12/17 12:0 a.m.26 views

Inim SmartLAN Hardcoded Credentials (Telnet)

SmartLAN devices utilize hardcoded credentials within its Linux distribution image. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS5.3AI score0.00366EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/12/17 12:0 a.m.57 views

Inim SmartLAN Default Credentials (HTTP)

Inim SmartLAN is using known default credentials. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:inim:smartlang"; if description...

5.4AI score
Exploits0
OpenVAS
OpenVAS
added 2019/12/16 12:0 a.m.18 views

Inim SmartLAN Detection Consolidation

Consolidation of Inim SmartLAN device detections. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

5.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/12/16 12:0 a.m.12 views

Inim SmartLAN Detection (HTTP)

HTTP based detection of Inim SmartLAN devices. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4AI score
Exploits0
OpenVAS
OpenVAS
added 2019/12/16 12:0 a.m.9 views

Inim SmartLAN Detection (Telnet)

Telnet based detection of Inim SmartLAN devices. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3AI score
Exploits0
0day.today
0day.today
added 2019/12/11 12:0 a.m.263 views

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Product web page: https://www.inim.biz Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/11 12:0 a.m.294 views

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Vulnerabilit

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Product web page: https://www.inim.biz Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/11 12:0 a.m.291 views

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/12/10 12:0 a.m.188 views

Inim Electronics SmartLiving SmartLAN/G/SI 6.x Remote Root

!/bin/bash Inim Electronics SmartLiving SmartLAN/G/SI =6.x Root Remote Command Execution Vendor: INIM Electronics s.r.l. Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Affected version: =6.x Affected...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/12/10 12:0 a.m.43 views

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/12/10 12:0 a.m.48 views

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/12/10 12:0 a.m.46 views

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

0.9AI score
Exploits0
Rows per page
Query Builder