Lucene search
K
EnttecPixelator Firmware

5 matches found

cve
cve
added 2019/06/07 3:6 p.m.68 views

CVE-2019-12775

CVE-2019-12775 affects ENTTEC Datagate Mk2, Storm 24, Pixelator (firmware 70044_update_05032019-482 and prior). The issue enables high-privileged root access via sudo for the www-data/web-app user without proper access control, potentially allowing execution of high-privilege binaries/assets pres...

9CVSS8.9AI score0.01876EPSS
cve
cve
added 2019/06/07 3:6 p.m.63 views

CVE-2019-12777

CVE-2019-12777 affects ENTTEC Datagate Mk2, Storm 24, Pixelator, and E-Streamer Mk2 firmware 70044_update_05032019-482, where startup scripts replace secure directory permissions with permissive rwxrwxrwx on /usr, /usr/local, /usr/local/dmxis, and /usr/local/bin. This is an Incorrect Permission A...

7.8CVSS7.5AI score0.00411EPSS
cve
cve
added 2019/06/07 3:6 p.m.62 views

CVE-2019-12774

CVE-2019-12774 is a stored XSS vulnerability in ENTTEC Datagate Mk2 Web Configuration (70044_update_05032019-482). The issue allows an unauthenticated attacker to inject code via fields such as Profile Description in the Profile Editor. Affected product line includes Datagate Mk2 (and related dev...

6.1CVSS6.3AI score0.00821EPSS
cve
cve
added 2019/06/07 3:6 p.m.62 views

CVE-2019-12776

The CVE-2019-12776 issue affects ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482, where a hard-coded SSH key enables remote root access. Root cause: hard-coded cryptographic key enabling SSH/SCP access to root via relocate/relocate_revB scripts...

10CVSS9.6AI score0.02016EPSS
cve
cve
added 2019/03/28 1:50 p.m.53 views

CVE-2019-6542

The CVE-2019-6542 entry affects ENTTEC Datagate MK2, Storm 24, and Pixelator. All firmware versions prior to 70044 (Datagate MK2), 70050 (Storm 24), and 70060 (Pixelator) are affected. The vulnerability is Missing Authentication for a Critical Function (CWE-306): an unauthenticated attacker can i...

7.8CVSS7.4AI score0.01516EPSS