Vulnerabilities > Abus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2018-16739 | Path Traversal vulnerability in Abus products An issue was discovered on certain ABUS TVIP devices. | 8.8 |
| 2023-10-26 | CVE-2018-17558 | Use of Hard-coded Credentials vulnerability in Abus products Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root. | 9.8 |
| 2023-10-26 | CVE-2018-17559 | Link Following vulnerability in Abus products Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras. | 7.5 |
| 2023-10-26 | CVE-2018-17878 | Classic Buffer Overflow vulnerability in Abus products Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2023-02-27 | CVE-2023-26609 | Unspecified vulnerability in Abus Tvip 20000-21150 Firmware ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. | 7.2 |
| 2021-04-21 | CVE-2020-28973 | Information Exposure vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.17 The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. | 5.0 |
| 2020-07-30 | CVE-2020-14158 | Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. | 6.4 |
| 2020-06-17 | CVE-2020-14157 | Information Exposure vulnerability in Abus Secvest Wireless Control Fube50001 Firmware The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). | 4.8 |
| 2019-09-03 | CVE-2019-14261 | Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01 An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. | 5.0 |