Lucene search
K

104 matches found

NVD
NVD
added 2023/03/13 9:15 p.m.23 views

CVE-2023-0351

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

8.8CVSS9AI score0.01386EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.21 views

Design/Logic Flaw

The Akuvox E11 Media Access Control MAC address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud...

5CVSS6.2AI score0.00517EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.25 views

Default credentials

The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...

7.5CVSS9.6AI score0.00668EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.19 views

Design/Logic Flaw

The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image and video. This could allow an attacker to view and record image and video from the camera...

6.4CVSS9.1AI score0.00571EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.14 views

Design/Logic Flaw

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known...

5CVSS8AI score0.00571EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.15 views

Authentication flaw

The Akuvox E11 web server can be accessed without any user authentication, and this could allow an attacker to access sensitive information, as well as create and download packet captures with known default URLs...

6.4CVSS9.1AI score0.00634EPSS
Exploits0References1
Prion
Prion
added 2023/03/13 9:15 p.m.13 views

Default credentials

The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default...

6.4CVSS9.2AI score0.00634EPSS
Exploits0References1
CVE
CVE
added 2023/03/13 8:29 p.m.55 views

CVE-2023-0345

CVE-2023-0345 (Akuvox E11) : The vulnerability is due to the SSH server being enabled by default and accessible as root with a password that cannot be changed. Reported in multiple sources, including the RT-ICS briefing and Red Hat advisories, it carries a high impact (C/H/I/H) and a base CVSS v3...

9.8CVSS9.7AI score0.00668EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/13 8:29 p.m.7 views

CVE-2023-0345 CVE-2023-0345

The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...

9.8CVSS7.2AI score0.00668EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/13 8:29 p.m.36 views

CVE-2023-0345 CVE-2023-0345

The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...

9.8CVSS9.8AI score0.00668EPSS
Exploits0References1
CVE
CVE
added 2023/03/13 8:28 p.m.50 views

CVE-2023-0346

Summary: CVE-2023-0346 affects Akuvox E11 cloud login via an unencrypted HTTP connection, enabling potential access to the Akuvox cloud and device if the MAC address is known. The issue is categorized as improper authentication (CWE-287) and is part of a broader set of vulnerabilities affecting A...

7.5CVSS7.7AI score0.00571EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/13 8:28 p.m.7 views

CVE-2023-0346 CVE-2023-0346

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known...

7.5CVSS7AI score0.00571EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/13 8:28 p.m.22 views

CVE-2023-0346 CVE-2023-0346

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known...

7.5CVSS7.8AI score0.00571EPSS
Exploits0References1
CVE
CVE
added 2023/03/13 8:27 p.m.42 views

CVE-2023-0347

The CVE-2023-0347 entry concerns Akuvox E11 devices. The vulnerability is exposure/identification of a device on Akuvox cloud by combining the MAC address with the E11 IP address (information disclosure). Affected product: Akuvox E11 (all versions). Impact: enables attacker to identify devices on...

7.5CVSS6AI score0.00517EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/13 8:27 p.m.13 views

CVE-2023-0347 CVE-2023-0347

The Akuvox E11 Media Access Control MAC address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud...

7.5CVSS7AI score0.00517EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/13 8:27 p.m.22 views

CVE-2023-0347 CVE-2023-0347

The Akuvox E11 Media Access Control MAC address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud...

7.5CVSS7.6AI score0.00517EPSS
Exploits0References1
CVE
CVE
added 2023/03/13 8:24 p.m.64 views

CVE-2023-0348

CVE-2023-0348 affects Akuvox E11. The vulnerability is improper access control in the SIP servers, allowing direct SIP calls without enforcement of access controls and enabling an attacker to contact any device within Akuvox to call another device. The issue has a high impact (CVSS v3 base score ...

7.5CVSS7.7AI score0.00536EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/13 8:24 p.m.28 views

CVE-2023-0348 CVE-2023-0348

Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device...

7.5CVSS7.7AI score0.00536EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/13 8:24 p.m.7 views

CVE-2023-0348 CVE-2023-0348

Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device...

7.5CVSS6.8AI score0.00536EPSS
Exploits0References1
CVE
CVE
added 2023/03/13 8:23 p.m.56 views

CVE-2023-0349

CVE-2023-0349 affects Akuvox E11 due to unauthenticated access in the libvoice library, enabling viewing/recording of camera captures. Affected: Akuvox E11 (libvoice). Vulnerability category: missing authentication for critical function (CWE-862) as described in the ics advisory. Impact: unauthor...

9.1CVSS8.5AI score0.00571EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder