15 matches found
EUVD-2016-3415
Malware in sbrugna...
EUVD-2016-3416
Malware in sbrugna...
EUVD-2016-3417
Malware in sbrugna...
CVE-2016-2333
SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another...
CVE-2016-2332
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 aka dnsmasq parameter...
CVE-2016-2331
The web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors...
Code injection
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 aka dnsmasq parameter...
Default credentials
The web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors...
Hardcoded credentials
SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another...
CVE-2016-2331
The CVE-2016-2331 issue affects Systech SysLINK SL-1000 M2M Modular Gateway devices with firmware prior to 01A.8. Multiple sources describe a privilege-acquisition vulnerability in the web interface due to a hard-coded/default password, enabling a remote attacker to obtain root access. CERT/CC no...
CVE-2016-2332
Affected product: SysLINK SL-1000 M2M Modular Gateway. Vulnerability: Command injection via the web interface (flu.cgi) where the 5066 parameter (dnsmasq) can be exploited by an authenticated user to execute arbitrary commands with root privileges. Root cause: Web interface processes crafted POST...
CVE-2016-2331
The web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors...
CVE-2016-2332
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 aka dnsmasq parameter...
CVE-2016-2333
SysLINK SL-1000 Machine-to-Machine M2M Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another...
SysLINK M2M Modular Gateway contains multiple vulnerabilities
Overview The SysLINK SL-1000 M2M Machine-to-Machine Modular Gateway contains multiple vulnerabilities. Description According to the researcher, the SysLINK SL-1000 M2M Modular Gateway contains multiple vulnerabilities:CWE-259: Use of Hard-coded Password - CVE-2016-2331 By default, the device's we...