Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-6445

The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 7.6
Products affected by CVE-2017-6445


Contact Us

Shodan ® - All rights reserved