Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cayintech Security Vulnerabilities

cve
cve

CVE-2020-6954

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a media_folder.cgi?apply_mode=ping_server URI.

6.5CVSS

6.5AI Score

0.001EPSS

2020-01-13 11:15 PM
39
cve
cve

CVE-2020-6955

An issue was discovered on Cayin SMP-PRO4 devices. They allow image_preview.html?filename= reflected XSS.

6.1CVSS

6.3AI Score

0.001EPSS

2020-01-13 11:15 PM
38
cve
cve

CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecti...

10CVSS

9.9AI Score

0.032EPSS

2020-08-06 04:15 PM
69
cve
cve

CVE-2020-7357

Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branc...

9.9CVSS

9.7AI Score

0.959EPSS

2020-08-06 04:15 PM
68