Vulnerabilities > Datto > Alto 3 Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-20 | CVE-2015-2081 | Improper Input Validation vulnerability in Datto products Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts. | 9.8 |
2018-02-20 | CVE-2015-9254 | Use of Hard-coded Credentials vulnerability in Datto products Datto ALTO and SIRIS devices have a default VNC password. | 9.8 |