104 matches found
CVE-2023-0355 CVE-2023-0355
Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information...
CVE-2023-0355
CVE-2023-0355 affects the Akuvox E11 doorbell camera. The vulnerability is described as the use of a hard-coded cryptographic key , which could allow an attacker to decrypt sensitive information. The CVE entry does not provide exploit details. The related ics advisory (IcsA-23-068-01) characteriz...
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...
PT-2023-16202 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue allows an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type, as the device does not ensure that a file extension is...
PT-2023-16200 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns a lack of access control in the SIP servers of Akuvox E11, allowing an attacker to make direct SIP calls to any device within the system, potentially enabling them to...
PT-2023-16204 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns the Akuvox E11 password recovery webpage, which can be accessed without proper authentication. This allows an attacker to download the device key file and subsequently...
PT-2023-8987 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue is related to the Akuvox E11 secure shell SSH server, which is enabled by default and accessible by the root user with a password that cannot be changed by the user. This conce...
PT-2023-16197 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns a custom version of the dropbear SSH server used by Akuvox E11, which allows an insecure option not present in the official dropbear SSH server by default...
PT-2023-16201 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue allows unauthenticated access to the camera capture for image and video, potentially enabling an attacker to view and record image and video from the camera. Recommendations: A...
PT-2023-16207 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns the use of a hard-coded cryptographic key, which could potentially allow an attacker to decrypt sensitive information. Recommendations: At the moment, there is no...
PT-2023-16203 · Akuvox · Akuvox E11
Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns command injection in the device phone-book contacts functionality of the Akuvox E11 web server backend library. This could allow an attacker to upload files with...
Akuvox E11 安全漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that originates from the use of a customized version of the dropbear SSH service. This service allows an insecure option...
Akuvox E11 信任管理问题漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from a trust management issue vulnerability that stems from the SSH server being enabled by default, accessible to the root user, and using hard-coded passwords...
Akuvox E11 安全特征问题漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from the inclusion of a feature that encrypts a message and then forwards it.The IV vector and key are static, which could allow an attacker to...
Akuvox E11 授权问题漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from an authorization issue vulnerability that stems from accessing the Akuvox E11 password recovery web page without authentication, which allows an attacker to download the device...
Akuvox E11 安全漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from Akuvox E11 using a weak encryption algorithm for stored passwords and decrypting them using hard-coded passwords, which can allow decryption of...
Akuvox E11 安全漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from allowing direct SIP calls.The SIP server does not enforce access control, which could allow an attacker to contact any device within Akuvox to...
Akuvox E11 安全漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from the fact that Akuvox E11 uses hard-coded encryption keys, which could allow an attacker to decrypt sensitive information...
Akuvox E11 访问控制错误漏洞
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from an Access Control Error vulnerability that originates from accessing the Akuvox E11 web server without any user authentication, which could allow an attacker to access sensitive...