Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2015-7260 Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4
Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file.
local
low complexity
vertiv CWE-264
7.8
7.8
2017-04-10 CVE-2015-6035 Cross-site Scripting vulnerability in Opsview
Opsview before 2015-11-06 has XSS via SNMP.
network
low complexity
opsview CWE-79
6.1
6.1
2017-04-10 CVE-2015-6028 SQL Injection vulnerability in Castlerock Snmpc 12.1/9.0
Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.
network
low complexity
castlerock CWE-89
8.8
8.8
2017-04-10 CVE-2015-6027 Cross-site Scripting vulnerability in Castlerock Snmpc 12.1/9.0
Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.
network
low complexity
castlerock CWE-79
6.1
6.1
2017-04-10 CVE-2015-6021 Cross-site Scripting vulnerability in Spiceworks Desktop
Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response.
network
low complexity
spiceworks CWE-79
6.1
6.1
2017-04-10 CVE-2015-2889 Permissions, Privileges, and Access Controls vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
network
low complexity
summerinfant CWE-264
8.8
8.8
2017-04-10 CVE-2015-2888 Missing Authentication for Critical Function vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.
network
low complexity
summerinfant CWE-306
critical
 9.8
9.8
2017-04-10 CVE-2015-2887 Use of Hard-coded Credentials vulnerability in Ibaby M3S Baby Monitor Firmware
iBaby M3S has a password of admin for the backdoor admin account.
network
low complexity
ibaby CWE-798
critical
 9.8
9.8
2017-04-10 CVE-2015-2886 Information Exposure vulnerability in Ibaby M6 Baby Monitor Firmware
iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.
network
low complexity
ibaby CWE-200
7.5
7.5
2017-04-10 CVE-2015-2885 Use of Hard-coded Credentials vulnerability in Lens Laboratories Peek-A-View Firmware
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
network
low complexity
lens-laboratories CWE-798
critical
 9.8
9.8