6 matches found
EUVD-2020-23252
Malware in sbrugna...
EUVD-2020-23251
Malware in sbrugna...
CVE-2020-35586
In Solstice Pod before 3.3.0 or Open4.3, the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement e.g., it might be all digits or all lowercase letters...
CVE-2020-35585
In Solstice Pod before 3.3.0 or Open4.3, the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities...
CVE-2020-35586
In Solstice Pod before 3.3.0 or Open4.3, the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement e.g., it might be all digits or all lowercase letters...
Mersive Solstice Pod Security Vulnerability
Mersive Solstice Pod is a software application for conference screen sharing from Mersive USA. A security vulnerability exists in versions prior to Solstice Pod 3.3.0 or Open4.3, which can be exploited to enumerate screen keys using a strong attack via the lookin info winter to the Open Control...