52 matches found
EUVD-2020-4252
Malware in sbrugna...
EUVD-2020-4257
Malware in sbrugna...
CVE-2020-11915
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a setparams.cgi?telnetd=1=1=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a...
CVE-2020-11918
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created through the web interface, information on all users, including passwords, can be found in cleartext in the backup file. An attacker capable of accessing the web interface can create the backup file...
CVE-2020-11920
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code...
CVE-2020-11917
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices, violating the privacy of users who do not wish to disclose their ownership of this type of...
CVE-2020-11919
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection...
CVE-2020-11916
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased...
CVE-2020-11919
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection...
CVE-2020-11917
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices, violating the privacy of users who do not wish to disclose their ownership of this type of...
CVE-2020-11919
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection...
CVE-2020-11916
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased...
CVE-2020-11916
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased...
CVE-2020-11917
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices, violating the privacy of users who do not wish to disclose their ownership of this type of...
CVE-2020-11918
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created through the web interface, information on all users, including passwords, can be found in cleartext in the backup file. An attacker capable of accessing the web interface can create the backup file...
CVE-2020-11918
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created through the web interface, information on all users, including passwords, can be found in cleartext in the backup file. An attacker capable of accessing the web interface can create the backup file...
CVE-2020-11916
Siime Eye 14.1.00000001.3.330.0.0.3.14 is affected. The root password is hashed with an old/deprecated technique, increasing offline guessing risk. No exploit details are provided in the documents. Remediation: update to the latest firmware (per PT-2024-10770) and, as a temporary measure, restric...
CVE-2020-11918
CVE-2020-11918 affects Siime Eye 14.1.00000001.3.330.0.0.3.14. The vulnerability arises when creating a backup via the web interface, which can produce a backup file containing plaintext information for all users, including passwords. An attacker who can access the web interface can trigger backu...
Svakom Siime Eye 安全漏洞
Svakom Siime Eye is a smart home device from Svakom USA. A security vulnerability exists in Svakom Siime Eye version 14.1.00000001.3.330.0.0.3.14, which originates from the fact that when a backup file is created through the web interface, information about all users can be found in plaintext in...
Svakom Siime Eye 安全漏洞
Svakom Siime Eye is a smart home device from Svakom, USA. A security vulnerability exists in Svakom Siime Eye version 14.1.00000001.3.330.0.0.3.14, which stems from the use of a default SSID value that makes it easier for a remote attacker to discover the physical location of the device, violatin...