Vulnerabilities > Abus > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2018-17558 | Use of Hard-coded Credentials vulnerability in Abus products Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root. | 9.8 |
| 2023-10-26 | CVE-2018-17878 | Classic Buffer Overflow vulnerability in Abus products Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2019-03-27 | CVE-2019-9863 | Inadequate Encryption Strength vulnerability in Abus products Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way. | 10.0 |