Vulnerabilities > Enttec

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2019-12777 Incorrect Permission Assignment for Critical Resource vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
local
low complexity
enttec CWE-732
7.2
2019-06-07 CVE-2019-12776 Use of Hard-coded Credentials vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
network
low complexity
enttec CWE-798
critical
10.0
2019-06-07 CVE-2019-12775 Improper Privilege Management vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
network
low complexity
enttec CWE-269
critical
9.0
2019-06-07 CVE-2019-12774 Cross-site Scripting vulnerability in Enttec products
A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044_update_05032019-482 that could allow an unauthenticated threat actor to inject malicious code directly into the application.
network
enttec CWE-79
4.3
2019-03-28 CVE-2019-6542 Missing Authentication for Critical Function vulnerability in Enttec products
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition.
network
low complexity
enttec CWE-306
7.5