CVE-2020-27553
- EPSS 0.37%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:22
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authen...
CVE-2020-27554
- EPSS 0.14%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:22
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device.
- EPSS 2.67%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:22
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.
CVE-2020-27556
- EPSS 0.39%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:22
A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device.
CVE-2020-27557
- EPSS 0.05%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:23
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials.
CVE-2020-27558
- EPSS 0.41%
- Veröffentlicht 17.11.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:23
Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to view the video stream.