Security Vulnerabilities - CVEs Published In November 2020
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option "DocumentRoot /etc". This allows an attacker with network access to the web-server to download any files from the "/etc" folder without authentication. No path traversal sequences are needed to exploit this vulnerability.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2020-11-17

A Cleartext Transmission of Sensitive Information vulnerability exists in BASETech GE-131 BT-1837836 firmware 20180921, which could leak sensitive information transmitted between the mobile app and the camera device.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2020-11-17

Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.
CVSS Score: 9.8 | EPSS Score: 0.027 | Published: 2020-11-17

A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device.
CVSS Score: 5.3 | EPSS Score: 0.004 | Published: 2020-11-17

An Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials.
CVSS Score: 5.5 | EPSS Score: 0.0 | Published: 2020-11-17

Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to view the video stream.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2020-11-17

In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter passed to the URL /admin/ajax/weigh can be used for SQL injection.
CVSS Score: 7.2 | EPSS Score: 0.004 | Published: 2020-11-17

QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker (with physical access to the device) to obtain sensitive information via the debug interface (keystrokes over a USB cable), aka wireless password visibility.
CVSS Score: 4.6 | EPSS Score: 0.0 | Published: 2020-11-17

In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS).
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2020-11-17

The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
CVSS Score: 8.8 | EPSS Score: 0.118 | Published: 2020-11-17

