Veraedge Firmware Security Vulnerabilities and Issues — Veraedge Firmware CVE List

Lucene search

GetveraVeraedge Firmware

3 matches found

CVE•added 2019/06/17 8:15 p.m.•70 views

CVE-2017-9386

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a script file called "get_file.sh" which allows a user to retrieve any file stored in the "cmh-ext" folder on the device. However, the "filename" parameter is not validated correctly and this allows an...

6.5CVSS6.5AI score0.01751EPSS

CVE•added 2019/06/17 8:15 p.m.•58 views

CVE-2017-9382

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "file" as one of the service actions for a normal ...

6.5CVSS6.3AI score0.00719EPSS

CVE•added 2019/06/17 8:15 p.m.•55 views

CVE-2017-9390

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the user is authenticated to https://home.getvera.com. One of the parameters retrieved by this script is...

6.1CVSS6.4AI score0.00858EPSS