Vulnerabilities > Abus > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2018-17558 | Use of Hard-coded Credentials vulnerability in Abus products Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root. | 9.8 |
| 2023-10-26 | CVE-2018-17878 | Classic Buffer Overflow vulnerability in Abus products Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function. | 9.8 |
| 2023-10-26 | CVE-2018-17879 | OS Command Injection vulnerability in Abus products An issue was discovered on certain ABUS TVIP cameras. | 9.8 |
| 2020-07-30 | CVE-2020-14158 | Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. | 9.1 |
| 2019-03-27 | CVE-2019-9863 | Use of Insufficiently Random Values vulnerability in Abus products Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way. | 9.8 |