CVE-2019-25291

INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...

CVE-2019-25291 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials Vulnerability

INIM Electronics Smartliving SmartLAN/G/SI =6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving...

CVE-2019-25290 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Unauthenticated SSRF via GetImage

Smartliving SmartLAN/G/SI =6.x contains an unauthenticated server-side request forgery vulnerability in the GetImage functionality through the 'host' parameter. Attackers can exploit the onvif.cgi endpoint by specifying external domains to bypass firewalls and perform network enumeration through...

CVE-2020-21995

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...