There is a lack of CSRF countermeasures on MOBOTIX S14 MX-V4.2.1.61 cameras, as demonstrated by adding an admin account via the /admin/access URI.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-05-31
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.
CVSS Score
9.8
EPSS Score
0.008
Published
2019-02-09
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-02-09
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-02-09
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-02-09