Vulnerabilities > Panasonic

DATE CVE VULNERABILITY TITLE RISK
2020-12-28 CVE-2020-29194 Unspecified vulnerability in Panasonic Wv-S2231L Firmware 4.25
Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI.
network
low complexity
panasonic
5.0
2020-12-28 CVE-2020-29193 USE of Hard-Coded Credentials vulnerability in Panasonic Wv-S2231L Firmware 4.25
Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order).
local
low complexity
panasonic CWE-798
2.1
2020-05-20 CVE-2020-11716 Incorrect Default Permissions vulnerability in Panasonic products
Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions.
network
low complexity
panasonic CWE-276
7.5
2020-05-20 CVE-2019-5997 Code Injection vulnerability in Panasonic Video Insight VMS 7.3.2.5/7.5
Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors.
network
low complexity
panasonic CWE-94
7.5
2020-05-19 CVE-2020-11715 Unspecified vulnerability in Panasonic P99 Firmware 20200410
Panasonic P99 devices through 2020-04-10 have Incorrect Access Control.
network
low complexity
panasonic
7.5
2019-11-14 CVE-2019-15429 Externally Controlled Reference TO A Resource in Another Sphere vulnerability in Panasonic Eluga I9 Firmware
The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack.
local
low complexity
panasonic CWE-610
7.2
2019-11-14 CVE-2019-15378 Unspecified vulnerability in Panasonic Eluga RAY 600 Firmware
The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGA_Ray_600/ELUGA_Ray_600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.
local
low complexity
panasonic
2.1
2019-11-14 CVE-2019-15376 Unspecified vulnerability in Panasonic Eluga RAY 530 Firmware
The Panasonic Eluga Ray 530 Android device with a build fingerprint of Panasonic/ELUGA_Ray_530/ELUGA_Ray_530:8.1.0/O11019/1531828974:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.
local
low complexity
panasonic
2.1
2019-09-12 CVE-2019-5996 SQL Injection vulnerability in Panasonic Video Insight VMS 7.3.2.5
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
panasonic CWE-89
6.5
2019-06-07 CVE-2019-6532 Incorrect Type Conversion OR Cast vulnerability in Panasonic Control Fpwin PRO
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties.
network
panasonic CWE-704
6.8