Aria7xx Firmware Security Vulnerabilities and Issues — Aria7xx Firmware CVE List

Lucene search

AminoAria7xx Firmware

5 matches found

CVE•added 2020/12/30 12:15 a.m.•75 views

CVE-2020-10209

Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges.

9.3CVSS8.5AI score0.02779EPSS

CVE•added 2020/12/30 12:15 a.m.•54 views

CVE-2020-10206

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device.

4.4CVSS4.6AI score0.00043EPSS

CVE•added 2020/12/30 12:15 a.m.•52 views

CVE-2020-10208

Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges.

9.9CVSS9.8AI score0.08525EPSS

CVE•added 2020/12/29 11:15 p.m.•32 views

CVE-2020-10210

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH.

10CVSS9.4AI score0.00455EPSS

CVE•added 2020/12/29 11:15 p.m.•27 views

CVE-2020-10207

Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings.

10CVSS9.3AI score0.03958EPSS