Apollotechnologiesinc ≫ Momentum Axel 720p Firmware
6 Schwachstellen gefunden.
CVE-2018-12323
- EPSS 0.04%
- Veröffentlicht 13.06.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:59
An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console.
CVE-2018-12257
- EPSS 0.06%
- Veröffentlicht 12.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:52
An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL valida...
CVE-2018-12258
- EPSS 0.05%
- Veröffentlicht 12.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:52
An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name ...
CVE-2018-12259
- EPSS 0.04%
- Veröffentlicht 12.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:52
An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise.
CVE-2018-12260
- EPSS 0.07%
- Veröffentlicht 12.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:52
An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices
CVE-2018-12261
- EPSS 0.05%
- Veröffentlicht 12.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:52
An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.