Vulnerabilities > Abus

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2018-16739 Path Traversal vulnerability in Abus products
An issue was discovered on certain ABUS TVIP devices.
network
low complexity
abus CWE-22
8.8
2023-10-26 CVE-2018-17558 Use of Hard-coded Credentials vulnerability in Abus products
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root.
network
low complexity
abus CWE-798
critical
9.8
2023-10-26 CVE-2018-17559 Link Following vulnerability in Abus products
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.
network
low complexity
abus CWE-59
7.5
2023-10-26 CVE-2018-17878 Classic Buffer Overflow vulnerability in Abus products
Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function.
network
low complexity
abus CWE-120
critical
9.8
2023-10-26 CVE-2018-17879 OS Command Injection vulnerability in Abus products
An issue was discovered on certain ABUS TVIP cameras.
network
low complexity
abus CWE-78
critical
9.8
2023-02-27 CVE-2023-26609 Unspecified vulnerability in Abus Tvip 20000-21150 Firmware
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.
network
low complexity
abus
7.2
2021-04-21 CVE-2020-28973 Improper Authentication vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.17
The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface.
network
low complexity
abus CWE-287
7.5
2020-07-30 CVE-2020-14158 Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware
The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel.
network
low complexity
abus CWE-287
critical
9.1
2020-06-17 CVE-2020-14157 Cleartext Transmission of Sensitive Information vulnerability in Abus Secvest Wireless Control Fube50001 Firmware
The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens).
low complexity
abus CWE-319
8.1
2019-09-03 CVE-2019-14261 Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices.
network
low complexity
abus CWE-310
7.5