2 matches found
CVE-2018-20219
CVE-2018-20219 (Teracue ENC-400) affects firmware 2.56 and earlier. Public documents confirm an authentication bypass caused by a hard-coded cookie/token stored in /usr/share/www/check.lp that permits access to the web admin panel after login, enabling persistent access without a password. Even p...
Teracue ENC-400 Command Injection / Missing Authentication
Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they are not all resolved with the latest version of the...