Teracue

Enc-400 Hdsdi Firmware

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2018-20218

Exploit
  • EPSS 30.68%
  • Veröffentlicht 21.03.2019 16:00:35
  • Zuletzt bearbeitet 21.11.2024 04:01:06

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any kind of escaping or validation in /usr/share/www/check.lp file. An attacker is able to perform c...

9.3

CVE-2018-20219

  • EPSS 42.9%
  • Veröffentlicht 21.03.2019 16:00:35
  • Zuletzt bearbeitet 21.11.2024 04:01:06

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is ...

7.5

CVE-2018-20220

  • EPSS 43.6%
  • Veröffentlicht 21.03.2019 16:00:35
  • Zuletzt bearbeitet 21.11.2024 04:01:06

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able t...