EUVD-2017-4145

Malware in sbrugna...

EUVD-2017-4146

Malware in sbrugna...

PLANEX CS-W50HD Hardcoded Credentials Vulnerability (HTTP)

PLANEX CS-W50HD network camera are using hardcoded credentials for the HTTP login. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-12573

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

Command injection

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

CVE-2017-12573

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

CVE-2017-12574

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; th...

Hardcoded credentials

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; th...

CVE-2017-12573

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

CVE-2017-12573

PLANEX CS-W50HD devices with firmware prior to 030720 expose a command-injection vulnerability in the web management UI on the NAS settings page at /cgi-bin/nasset.cgi. An attacker can send a crafted HTTP POST request to execute arbitrary code, with authentication required before the attack. This...

CVE-2017-12574

CVE-2017-12574 affects PLANEX CS-W50HD devices running firmware before 030720. A hardcoded credential, "supervisor:dangerous", was injected into the web authentication database at boot (/.htpasswd), granting attackers full unauthorised control; the account cannot be modified or deleted. Multiple ...

PLANEX CS-W50HD Hardcoded Credential

Reserved CVE: CVE-2017-12574 Description A hidden and undocumented account exists that allows attackers to gain unauthorized access and control the device completely; the account can't be modified or deleted. Vulnerability Type Default user/password Affected Product Code Base Firmware ver 030608...

PLANEX CS-W50HD Command Injection Vulnerability

PLANEX is a Japanese networking brand company brands PCI and PLANEX. We provide products from enterprise customers to home customers e.g., network cards, routers, switches, L3 managed switches, accessories, Bluetooth products, print servers, Apple peripherals, network storage devices, etc.. The...

PLANEX CS-W50HD Default Username Password Vulnerability

PLANEX is a Japanese networking brand company brands PCI and PLANEX. We provide products from enterprise customers to home customers e.g., network cards, routers, switches, L3 managed switches, accessories, Bluetooth products, print servers, Apple peripherals, network storage devices, etc.. PLANE...