Skip to main content

Aria7Xx Firmware

5 CVEs product

Monthly

CVE-2020-10209 HIGH POC This Week

Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Ak45X Firmware Ak5Xx Firmware Ak65X Firmware Aria6Xx Firmware +2
NVD
CVSS 3.1
8.1
EPSS
2.7%
CVE-2020-10208 CRITICAL POC Act Now

Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ak45X Firmware Ak5Xx Firmware Ak65X Firmware Aria6Xx Firmware +2
NVD
CVSS 3.1
9.9
EPSS
4.1%
CVE-2020-10206 MEDIUM POC This Month

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware Ak65X Firmware Aria6Xx Firmware +2
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-10210 CRITICAL POC Act Now

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware Ak65X Firmware Aria6Xx Firmware +2
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-10207 CRITICAL POC Act Now

Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware Ak65X Firmware Aria6Xx Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.5%
EPSS 3% CVSS 8.1
HIGH POC This Week

Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Ak45X Firmware Ak5Xx Firmware +4
NVD
EPSS 4% CVSS 9.9
CRITICAL POC Act Now

Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ak45X Firmware Ak5Xx Firmware +4
NVD
EPSS 0% CVSS 4.4
MEDIUM POC This Month

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware +4
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware +4
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ak45X Firmware Ak5Xx Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy