Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/25 10:16 p.m.7 views

CVE-2026-26340

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...

8.7CVSS5.4AI score0.00807EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/02/25 10:16 p.m.6 views

CVE-2026-26341

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain...

9.8CVSS5.4AI score0.02663EPSS
Exploits3References1
NVD
NVD
added 2026/02/24 8:27 p.m.9 views

CVE-2026-26342

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token X-User-Token with insufficient expiration. An attacker who obtains a valid token for example via interception, log exposure, or token reuse on a shared system can continue to...

9.8CVSS0.00716EPSS
Exploits3References3
NVD
NVD
added 2026/02/24 8:27 p.m.10 views

CVE-2026-26340

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...

8.7CVSS0.00807EPSS
Exploits3References3
OSV
OSV
added 2026/02/24 8:27 p.m.10 views

CVE-2026-26340

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...

7.5CVSS5.9AI score0.00807EPSS
Exploits3References3
CVE
CVE
added 2026/02/24 6:41 p.m.33 views

CVE-2026-26342

CVE-2026-26342 affects Tattile Smart+, Vega, and Basic device families with firmware versions prior to 1.181.5. The root cause is an authentication token (X-User-Token) with insufficient expiration, permitting an attacker with a valid token to continue authenticated access to the management inter...

9.8CVSS5.5AI score0.00716EPSS
Exploits3References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/24 6:40 p.m.9 views

CVE-2026-26340

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of...

8.7CVSS5.9AI score0.00807EPSS
Exploits3References4
Rows per page
Query Builder