E11 Firmware Security Vulnerabilities and Issues — E11 Firmware CVE List

Lucene search

AkuvoxE11 Firmware

6 matches found

CVE•added 2023/03/13 9:15 p.m.•66 views

CVE-2023-0354

The Akuvox E11 web server can be accessed without any user authentication, and this could allow an attacker to access sensitive information, as well as create and download packet captures with known default URLs.

9.1CVSS9.3AI score0.00153EPSS

CVE•added 2023/03/31 4:15 p.m.•44 views

CVE-2023-0344

Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server.

9.1CVSS7.8AI score0.00081EPSS

CVE•added 2023/03/13 9:15 p.m.•42 views

CVE-2023-0349

The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image and video. This could allow an attacker to view and record image and video from the camera.

9.1CVSS8.5AI score0.00091EPSS

CVE•added 2023/03/13 9:15 p.m.•39 views

CVE-2023-0345

The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root user. This password cannot be changed by the user.

9.8CVSS9.7AI score0.00098EPSS

CVE•added 2023/03/13 9:15 p.m.•39 views

CVE-2023-0353

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file.

9.8CVSS8.3AI score0.00057EPSS

CVE•added 2023/03/13 9:15 p.m.•38 views

CVE-2023-0352

The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default.

9.1CVSS9.3AI score0.00113EPSS