|
208251
|
9.8 |
CRITICAL
Network
|
planet
|
nvr-915_firmware
nvr-1615_firmware
|
The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. By exposing telnet on the Internet, remote root access on the …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-26097
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208252
|
6.1 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affe…
|
CWE-74
Injection
|
CVE-2020-26081
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208253
|
4.1 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains …
|
CWE-269
Improper Privilege Management
|
CVE-2020-26080
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208254
|
6.5 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. The vulnerability is due to insuff…
|
CWE-22
Path Traversal
|
CVE-2020-26078
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208255
|
7.5 |
HIGH
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the…
|
CWE-200
Information Exposure
|
CVE-2020-26076
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208256
|
4.9 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. The vulnerability is du…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-26079
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208257
|
4.3 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are conf…
|
CWE-269
Improper Privilege Management
|
CVE-2020-26077
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208258
|
8.8 |
HIGH
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to gain access to the back-end database of an affected device. The vulnerabilit…
|
CWE-89
SQL Injection
|
CVE-2020-26075
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208259
|
8.7 |
HIGH
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. …
|
CWE-269
Improper Privilege Management
|
CVE-2020-26072
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208260
|
6.5 |
MEDIUM
Network
|
cisco
|
roomos
telepresence_collaboration_endpoint
|
A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The v…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-26068
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
