Inim SmartLiving SmartLAN/SI,Inim SmartLiving SmartLAN/G 信任管理问题漏洞

Inim SmartLiving SmartLAN/SI and Inim SmartLiving SmartLAN/G are both a series of network communication extension modules from Inim Italy. A trust management issue vulnerability exists in Inim SmartLiving SmartLAN/SI,Inim SmartLiving SmartLAN/G version 6.x and earlier, which stems from the presen...

CVE-2020-21995

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

Hardcoded credentials

Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

Server side request forgery (ssrf)

An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...

Command injection

Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...

CVE-2020-22002

CVE-2020-22002 – Inim Electronics SmartLiving SmartLAN/G/SI (<=6.x) suffers an unauthenticated SSRF in GetImage where the application uses user-supplied GET parameter host to construct an image request via onvif.cgi without validating the value. The root cause is lack of input validation on ho...

CVE-2020-22002

An Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Sinc...

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Product web page: https://www.inim.biz Link:...

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...