Enttec

E-streamer Mk2 Firmware

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2019-12774

Exploit
  • EPSS 0.49%
  • Veröffentlicht 07.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:32

A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044_update_05032019-482 that could allow an unauthenticated threat actor to inject malicious code directly into the application. Thi...

9

CVE-2019-12775

Exploit
  • EPSS 0.83%
  • Veröffentlicht 07.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:33

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They allow high-privileged root access by www-data via sudo without requiring appropriate access control. (Furthermor...

10

CVE-2019-12776

Exploit
  • EPSS 1.04%
  • Veröffentlicht 07.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:33

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and ...

7.8

CVE-2019-12777

Exploit
  • EPSS 0.03%
  • Veröffentlicht 07.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:33

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They replace secure and protected directory permissions (set as default by the underlying operating system) with high...