Vulnerabilities > CVE-2020-27555 - Insecure Default Initialization of Resource vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

basetech

CWE-1188

critical

NVD

Published: 2020-11-17

Updated: 2021-07-21

Summary

Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.

Vulnerable Configurations

Part	Description	Count
OS	Basetech Basetech GE 131 BT 1837836 Firmware 20180921	1
Hardware	Basetech Basetech GE 131 BT 1837836 -	1

Common Weakness Enumeration (CWE)

CWE-1188 - Insecure Default Initialization of Resource

References

https://infosec.rm-it.de/2020/11/04/basetech-ip-camera-analysis/#vulns