Ge-131 Bt-1837836 Firmware@20180921 Security Vulnerabilities and Issues — Ge-131 Bt-1837836 Firmware@20180921 CVE List

Lucene search

BasetechGe-131 Bt-1837836 Firmware20180921

6 matches found

CVE•added 2020/11/17 3:15 p.m.•40 views

CVE-2020-27555

Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.

10CVSS9.8AI score0.0267EPSS

CVE•added 2020/11/17 3:15 p.m.•32 views

CVE-2020-27558

Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to view the video stream.

6.5CVSS6.5AI score0.00416EPSS

CVE•added 2020/11/17 3:15 p.m.•31 views

CVE-2020-27557

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials.

5.5CVSS5.7AI score0.00046EPSS

CVE•added 2020/11/17 3:15 p.m.•30 views

CVE-2020-27554

Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device.

7.5CVSS7.3AI score0.00136EPSS

CVE•added 2020/11/17 3:15 p.m.•30 views

CVE-2020-27556

A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device.

5.3CVSS5.4AI score0.00386EPSS

CVE•added 2020/11/17 3:15 p.m.•26 views

CVE-2020-27553

In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path traversal sequences are needed ...

7.5CVSS7.4AI score0.00365EPSS