Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Eh6108H+ Firmware Security Vulnerabilities - February

cve
cve

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session.

9.8CVSS

9.3AI Score

0.005EPSS

2016-09-19 01:59 AM
34
cve
cve

CVE-2016-6536

The /setup URI on AVer Information EH6108H+ devices with firmware X9.03.24.00.07l allows remote attackers to bypass intended page-access restrictions or modify passwords by leveraging knowledge of a handle parameter value.

9.8CVSS

9.4AI Score

0.006EPSS

2016-09-19 01:59 AM
34
cve
cve

CVE-2016-6537

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent attacks to obtain sensitive information by reading these strings.

7.5CVSS

7.7AI Score

0.002EPSS

2016-09-19 01:59 AM
33
4