CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-26097

The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. By exposing telnet on the Internet, remote root access on the device is possible. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://www.sec-research.com/1604584604-hard-coded-credentials-in-netzwerk-videorekorder-planet-nvr-915.html
https://www.sec-research.com/1604584604-hard-coded-credentials-in-netzwerk-videorekorder-planet-nvr-915.html

Products affected by CVE-2020-26097

Planet » Nvr-1615 » Version: N/A

cpe:2.3:h:planet:nvr-1615:-
Planet » Nvr-915 » Version: N/A

cpe:2.3:h:planet:nvr-915:-
Planet » Nvr-1615 Firmware » Version: N/A

cpe:2.3:o:planet:nvr-1615_firmware:-
Planet » Nvr-915 Firmware » Version: N/A

cpe:2.3:o:planet:nvr-915_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26097

Products

Pricing

Contact Us