Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2018/06/02 1:29 p.m.7 views

CVE-2018-11629

Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not...

10CVSS9.9AI score0.02151EPSS
Exploits0References3
Prion
Prionadded 2018/06/02 1:29 p.m.19 views

Design/Logic Flaw

DISPUTED Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because...

10CVSS9.8AI score0.02151EPSS
Exploits0References3
Prion
Prionadded 2018/06/02 1:29 p.m.20 views

Design/Logic Flaw

DISPUTED Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this ...

10CVSS9.8AI score0.02151EPSS
Exploits0References3
NVD
NVDadded 2018/06/02 1:29 p.m.11 views

CVE-2018-11682

Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can...

10CVSS9.9AI score0.02151EPSS
Exploits0References3
CVE
CVEadded 2018/06/02 1:0 p.m.45 views

CVE-2018-11682

The CVE entries describe default and unremovable credentials enabling Telnet access to IoT devices using Lutron integration protocols (Stanza/HomeWorks QS HomeWorks/Lutron RadioRA 2) with Revision M–Y. The root cause cited is preserved credentials that cannot be changed, allowing attackers to gai...

10CVSS9.9AI score0.02151EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2018/06/02 1:0 p.m.13 views

CVE-2018-11681

Default and unremovable support credentials user:nwk password:nwk2 allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a...

7.9AI score0.02692EPSS
Exploits0References3
CVE
CVEadded 2018/06/02 1:0 p.m.50 views

CVE-2018-11681

CVE-2018-11681 : The connected OpenVAS entry confirms a vulnerability in Lutron devices using the RadioRA 2 integration protocol (Revision M–Y) where default credentials (user: nwk, pass: nwk2) provide full superuser access via Telnet. This allows complete control of the IoT device over the netwo...

10CVSS9.8AI score0.02692EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2018/06/02 1:0 p.m.8 views

CVE-2018-11682

Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can...

7.9AI score0.02151EPSS
Exploits0References3
Rows per page
Query Builder