10

CVE-2019-13473

Exploit
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have an undocumented TELNET service within the BusyBox subsystem, leading to root access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TelestarBobs Rock Radio Firmware Version-
   TelestarBobs Rock Radio Version-
TelestarDabman D10 Firmware Version-
   TelestarDabman D10 Version-
TelestarImperial I110 Firmware Version-
   TelestarImperial I110 Version-
TelestarImperial I150 Firmware Version-
   TelestarImperial I150 Version-
TelestarImperial I200 Firmware Version-
   TelestarImperial I200 Version-
TelestarImperial I400 Firmware Version-
   TelestarImperial I400 Version-
TelestarImperial I450 Firmware Version-
   TelestarImperial I450 Version-
TelestarImperial I600 Firmware Version-
   TelestarImperial I600 Version-
AunaConnect 100 Firmware Version-
   AunaConnect 100 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.45% 0.902
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

http://packetstormsecurity.com/files/154416/Dabman-And-Imperial-Web-Radio-Devices-Undocumented-Telnet-Backdoor.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html
http://seclists.org/fulldisclosure/2023/Sep/1
https://www.vulnerability-lab.com/get_content.php?id=2183
Third Party Advisory
Exploit