Vulnerabilities > Openelec
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-05 | CVE-2017-6445 | Missing Encryption of Sensitive Data vulnerability in Openelec 6.0.3/7.0.1 The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. | 8.1 |
2016-02-08 | CVE-2016-2230 | Credentials Management vulnerability in Openelec OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier for remote attackers to obtain access via an SSH session. | 9.8 |