Vulnerability Details CVE-2018-17771
Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.1%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 7.2
References
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-11/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-11/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
Products affected by CVE-2018-17771
-
cpe:2.3:h:ingenico:telium_2:-
-
cpe:2.3:o:ingenico:telium_2_firmware:*