Skip to main content
CVE-2018-11682 CRITICAL Act Now

Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Stanza Firmware Radiora 2 Firmware Homeworks Qs Firmware
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2018-11681 CRITICAL Act Now

Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Stanza Firmware Radiora 2 Firmware Homeworks Qs Firmware
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2018-11629 CRITICAL Act Now

Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Stanza Firmware Radiora 2 Firmware Homeworks Qs Firmware
NVD
CVSS 3.0
9.8
EPSS
4.3%
CVE-2018-11143 CRITICAL Act Now

Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of 46). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Disk Backup
NVD
CVSS 3.0
9.8
EPSS
37.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy