Lucene search
+L

104 matches found

cvelist
cvelist
added 2023/03/13 7:57 p.m.25 views

CVE-2023-0355 CVE-2023-0355

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information...

6.5CVSS7.6AI score0.00534EPSS
Exploits0References1
cve
cve
added 2023/03/13 7:57 p.m.59 views

CVE-2023-0355

CVE-2023-0355 affects the Akuvox E11 doorbell camera. The vulnerability is described as the use of a hard-coded cryptographic key , which could allow an attacker to decrypt sensitive information. The CVE entry does not provide exploit details. The related ics advisory (IcsA-23-068-01) characteriz...

7.5CVSS7AI score0.00534EPSS
Exploits0References1Affected Software1
thn
thn
added 2023/03/13 7:36 a.m.5 views

Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom

More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...

9.8CVSS8.2AI score0.01067EPSS
Exploits0
thn
thn
added 2023/03/13 7:36 a.m.110 views

Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom

More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...

9.8CVSS1AI score0.01067EPSS
Exploits0
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.5 views

PT-2023-16202 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue allows an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type, as the device does not ensure that a file extension is...

6.5CVSS6.3AI score0.00258EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.7 views

PT-2023-16200 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns a lack of access control in the SIP servers of Akuvox E11, allowing an attacker to make direct SIP calls to any device within the system, potentially enabling them to...

7.5CVSS7.3AI score0.00536EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.6 views

PT-2023-16204 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns the Akuvox E11 password recovery webpage, which can be accessed without proper authentication. This allows an attacker to download the device key file and subsequently...

9.1CVSS9.1AI score0.00634EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.10 views

PT-2023-8987 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue is related to the Akuvox E11 secure shell SSH server, which is enabled by default and accessible by the root user with a password that cannot be changed by the user. This conce...

10CVSS9.3AI score0.00668EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.14 views

PT-2023-16197 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns a custom version of the dropbear SSH server used by Akuvox E11, which allows an insecure option not present in the official dropbear SSH server by default...

9.1CVSS7.4AI score0.00566EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.7 views

PT-2023-16201 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue allows unauthenticated access to the camera capture for image and video, potentially enabling an attacker to view and record image and video from the camera. Recommendations: A...

9.1CVSS9AI score0.00571EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.5 views

PT-2023-16207 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns the use of a hard-coded cryptographic key, which could potentially allow an attacker to decrypt sensitive information. Recommendations: At the moment, there is no...

7.5CVSS7.3AI score0.00534EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.5 views

PT-2023-16203 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns command injection in the device phone-book contacts functionality of the Akuvox E11 web server backend library. This could allow an attacker to upload files with...

8.8CVSS8.8AI score0.01335EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.6 views

Akuvox E11 安全漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that originates from the use of a customized version of the dropbear SSH service. This service allows an insecure option...

9.1CVSS7.7AI score0.00566EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.6 views

Akuvox E11 信任管理问题漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from a trust management issue vulnerability that stems from the SSH server being enabled by default, accessible to the root user, and using hard-coded passwords...

9.8CVSS8.7AI score0.00668EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.6 views

Akuvox E11 安全特征问题漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from the inclusion of a feature that encrypts a message and then forwards it.The IV vector and key are static, which could allow an attacker to...

7.5CVSS7.3AI score0.00563EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.5 views

Akuvox E11 授权问题漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from an authorization issue vulnerability that stems from accessing the Akuvox E11 password recovery web page without authentication, which allows an attacker to download the device...

9.1CVSS8.6AI score0.00634EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.6 views

Akuvox E11 安全漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from Akuvox E11 using a weak encryption algorithm for stored passwords and decrypting them using hard-coded passwords, which can allow decryption of...

9.8CVSS8.3AI score0.00415EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.5 views

Akuvox E11 安全漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from allowing direct SIP calls.The SIP server does not enforce access control, which could allow an attacker to contact any device within Akuvox to...

7.5CVSS7.3AI score0.00536EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.5 views

Akuvox E11 安全漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from the fact that Akuvox E11 uses hard-coded encryption keys, which could allow an attacker to decrypt sensitive information...

7.5CVSS7.3AI score0.00534EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/03/10 12:0 a.m.4 views

Akuvox E11 访问控制错误漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from an Access Control Error vulnerability that originates from accessing the Akuvox E11 web server without any user authentication, which could allow an attacker to access sensitive...

9.1CVSS8.6AI score0.00634EPSS
Exploits0References3
Rows per page
Query Builder