Vulnerabilities > Meross > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-6401 | Use of Hard-coded Credentials vulnerability in Meross Mss110 Firmware 1.1.24 Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password. | 9.8 |
| 2018-05-02 | CVE-2018-10544 | Improper Authentication vulnerability in Meross Mss110 Firmware 1.1.24 Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface. | 9.8 |