5 matches found
CVE-2013-0137
Summary (CVE-2013-0137) The Digital Alert Systems DASDEC‑I/II and Monroe Electronics R189 One‑Net EAS devices released before firmware version 2.0‑2 contained a publicly available private SSH key in firmware, enabling remote attackers with SSH access to log in as root and spoof alerts. The issue ...
CVE-2013-4735
The CVE-2013-4735 issue affects the Digital Alert Systems DASDEC EAS device prior to 2.0-2 and Monroe Electronics R189 One-Net EAS prior to 2.0-2, which have a default administrative password. The underlying risk is that an attacker could remotely obtain access over an IP network due to this defa...
CVE-2013-4734
CVE-2013-4734 affects the DASDEC EAS device (Digital Alert Systems) before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2. The underlying issue is that dasdec_mkuser generates predictable passwords, which could allow an attacker to obtain non-administrative access via unspe...
CVE-2013-4732
CVE-2013-4732 affects Digital Alert Systems DASDEC EAS device (versions 2.0-2) and Monroe Electronics R189 One-Net EAS device (versions 2.0-2). The issue is predictable session ID values in the administrative web server, enabling potential session hijacking by sniffing the network. Public documen...
CVE-2013-4733
The CVE-2013-4733 entry affects the web server component of the Digital Alert Systems DASDEC EAS device and the Monroe Electronics R189 One-Net EAS device, both versions prior to 2.0-2. An attacker can remotely read log files to obtain sensitive configuration and status information, exposing conf...