39 matches found
Hardcoded credentials
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
Hardcoded credentials
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account...
CVE-2020-8000
Intellian Aptus Web 1.24 contains a hardcoded intellian account password (12345678). This yields a high-severity, network-exposed risk with potential full impact on confidentiality, integrity, and availability per CVSS 3.1/BASE. The connected sources confirm the issue but do not provide remediati...
CVE-2020-8000
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account...
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
CVE-2020-8001
The CVE-2020-8001 entry concerns the Intellian Aptus Android app (1.0.2) that hardcodes the masteruser FTP password, intellian. This creates a credential exposure allowing unauthorized FTP access within the app’s functionality, consistent with the reported CVSS base metrics (Android app, hardcode...
CVE-2020-7999
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOADAPIKEY and FILEDOWNLOADAPIKEY...
CVE-2020-7999
CVE-2020-7999 affects the Intellian Aptus Android app (version 1.0.2). The issue is that it contains hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY, which constitutes a credential exposure in the client. The linked sources (NVD/Red Hat/NVD-like entries) confirm the same descripti...
CVE-2020-7980
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed...
CVE-2020-7980
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed...
Design/Logic Flaw
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed...
CVE-2020-7980
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed...
CVE-2020-7980
CVE-2020-7980 affects Intellian Aptus Web 1.24). If upgrading, ensure the target version is updated to a non-vulnerable release per the sources. Exploitation details and PoCs exist in several repositories, including a PoC script demonstrating RCE and root-level commands. No additional exploit ve...
PT-2020-19895 · Intellian · Intellian Satellian +1
Name of the Vulnerable Software and Affected Versions: Intellian Aptus Web version 1.24 Intellian Satellian version 1.12 Description: The issue allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the "cgi-bin/libagent.cgi" URI. A valid sid cookie for a log...
CVE-2017-7278
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...
CVE-2017-7278
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...
Code injection
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...
CVE-2017-7278
Technical details about CVE-2017-7278 are not public in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates from official advisories.
CVE-2017-7278
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...