Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10209 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
| Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges. | |||||
| CVE-2020-10208 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 9.0 HIGH | 9.9 CRITICAL |
| Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges. | |||||
| CVE-2020-10207 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings. | |||||
| CVE-2020-10210 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH. | |||||
| CVE-2020-10206 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2023-12-10 | 3.6 LOW | 4.4 MEDIUM |
| Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device. | |||||