Lucene search
K

27 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:56 a.m.7 views

CVE-2018-12261

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root...

4.4CVSS7AI score0.00329EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/19 12:0 a.m.9 views

Unspecified Vulnerability in Momentum Axel 720P

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A security vulnerability exists in the Momentum Axel 720P that stems from the use of hard-coded passwords for the root and admin accounts: EHLGVG. An attacker in close physical proximity could exploit this...

7.2CVSS6.5AI score0.0043EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/14 12:0 a.m.4 views

Momentum Axel 720P Hardcoded RTSP Certificate Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A security vulnerability exists in the Momentum Axel 720P version 5.1.8. An attacker can exploit the vulnerability by injecting an SD Card with firmware named 'ezviz.dav' to upgrade the firmware using this file...

7.2CVSS6.5AI score0.00454EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/14 12:0 a.m.2 views

Momentum Axel 720P Information Disclosure Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A security vulnerability exists in Momentum Axel 720P version 5.1.8. An attacker can exploit the vulnerability by issuing the 'showKey' command to obtain a plaintext password...

6.7CVSS6.6AI score0.00376EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/14 12:0 a.m.7 views

Momentum Axel 720P Buffer Overflow Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A buffer overflow vulnerability exists in Momentum Axel 720P version 5.1.8. An attacker can exploit this vulnerability to gain access to user accounts...

4.4CVSS5.5AI score0.00329EPSS
Exploits1References1
NVD
NVD
added 2018/06/13 4:29 p.m.25 views

CVE-2018-12323

An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...

7.2CVSS6.7AI score0.0043EPSS
Exploits1References1
Prion
Prion
added 2018/06/13 4:29 p.m.13 views

Hardcoded credentials

An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...

7.2CVSS6.7AI score0.0043EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/13 4:0 p.m.20 views

CVE-2018-12323

An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...

6.8AI score0.0043EPSS
Exploits1References1
CVE
CVE
added 2018/06/13 4:0 p.m.44 views

CVE-2018-12323

CVE-2018-12323 affects Momentum Axel 720P 5.1.8 devices. A hard-coded password (EHLGVG) exists for the root and admin accounts, enabling physically proximate attackers to log in at the console. This is a local/physical access issue with high impact on confidentiality, integrity, and availability ...

7.2CVSS6.7AI score0.0043EPSS
Exploits1References1Affected Software2
NVD
NVD
added 2018/06/12 6:29 p.m.16 views

CVE-2018-12258

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...

7.2CVSS6.5AI score0.00454EPSS
Exploits1References1
NVD
NVD
added 2018/06/12 6:29 p.m.13 views

CVE-2018-12257

An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in...

4.4CVSS4.7AI score0.0035EPSS
Exploits1References1
OSV
OSV
added 2018/06/12 6:29 p.m.4 views

CVE-2018-12261

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root...

4.4CVSS5.8AI score0.00329EPSS
Exploits1References1
OSV
OSV
added 2018/06/12 6:29 p.m.4 views

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

6.7CVSS5.8AI score0.00376EPSS
Exploits1References1
Prion
Prion
added 2018/06/12 6:29 p.m.16 views

Design/Logic Flaw

An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in...

2.1CVSS4.8AI score0.0035EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/12 6:29 p.m.13 views

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

6.7CVSS6.8AI score0.00376EPSS
Exploits1References1
Prion
Prion
added 2018/06/12 6:29 p.m.12 views

Default credentials

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

2.1CVSS6.7AI score0.00376EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/06/12 6:29 p.m.15 views

Code injection

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise...

7.2CVSS6.6AI score0.0043EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/12 6:29 p.m.20 views

CVE-2018-12259

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise...

7.2CVSS6.6AI score0.0043EPSS
Exploits1References1
NVD
NVD
added 2018/06/12 6:29 p.m.18 views

CVE-2018-12261

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root...

4.4CVSS4.8AI score0.00329EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/12 6:0 p.m.15 views

CVE-2018-12258

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...

6.5AI score0.00454EPSS
Exploits1References1
Rows per page
Query Builder