An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.
9.8CVSS
9.5AI Score
0.009EPSS
There is a lack of CSRF countermeasures on MOBOTIX S14 MX-V4.2.1.61 cameras, as demonstrated by adding an admin account via the /admin/access URI.
8.8CVSS
8.7AI Score
0.001EPSS
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format.
7.5CVSS
7.4AI Score
0.002EPSS
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user.
9.8CVSS
9.3AI Score
0.007EPSS
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI.
7.5CVSS
7.5AI Score
0.006EPSS