Vulnerabilities > Eltex

DATE CVE VULNERABILITY TITLE RISK
2018-08-17 CVE-2018-15360 Use of Hard-coded Credentials vulnerability in Eltex Esp-200 Firmware 1.2.0
An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0.
network
low complexity
eltex CWE-798
7.3
7.3
2018-08-17 CVE-2018-15359 Unspecified vulnerability in Eltex Esp-200 Firmware 1.2.0
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
network
low complexity
eltex
8.8
8.8
2018-08-17 CVE-2018-15358 Improper Input Validation vulnerability in Eltex Esp-200 Firmware 1.2.0
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
network
low complexity
eltex CWE-20
8.8
8.8
2018-08-17 CVE-2018-15357 Information Exposure vulnerability in Eltex Esp-200 Firmware 1.2.0
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.
network
low complexity
eltex CWE-200
6.5
6.5
2018-08-17 CVE-2018-15356 Command Injection vulnerability in Eltex Esp-200 Firmware 1.2.0
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.
network
low complexity
eltex CWE-77
8.8
8.8