Vulnerabilities
Vulnerable Software
Winston 1.5.4 devices have an SSH user account that is reachable from bastion hosts. The account is not mentioned in the device documentation and is not disclosed to the user.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2020-10-28
Winston 1.5.4 devices do not enforce authorization. This is exploitable from the local network and can be chained with other vulnerabilities for remote exploitation.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2020-10-28
Winston 1.5.4 devices allow the U-Boot boot process to be interrupted, which results in local root access.
CVSS Score: 6.8
EPSS Score: 0.0
Published: 2020-10-28
Winston 1.5.4 devices have a local www-data user that is over-privileged, allowing escalation to root.
CVSS Score: 7.8
EPSS Score: 0.0
Published: 2020-10-28
Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins, so a page on any web origin can make requests to the device and read the responses.
CVSS Score: 9.1
EPSS Score: 0.003
Published: 2020-10-28
The API on Winston 1.5.4 devices is vulnerable to CSRF.
CVSS Score: 8.8
EPSS Score: 0.002
Published: 2020-10-28
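The CORS and CSRF entries above describe two sides of the same browser trust problem: a server that echoes any Origin with credentials lets a hostile page read authenticated responses, and an API that relies on the session cookie alone lets that page issue state-changing requests. The following is an added illustration, not code from the Winston firmware or from Shodan; the origins, header values and token handling are hypothetical. It shows a small classifier for a response's CORS posture, the vulnerable and hardened header patterns side by side, and a CSRF gate that checks Origin and a per-session token in constant time.

```python
import hmac
from typing import Dict, Mapping, Optional

# Hypothetical origins for illustration: the device's own UI origin (trusted) and an
# attacker-controlled site. Not taken from a Winston device.
TRUSTED_ORIGINS = frozenset({"https://device.local"})
ATTACKER_ORIGIN = "https://evil.example"


def classify_cors(request_origin: str, response_headers: Mapping[str, str]) -> str:
    """Judge a response to a request that carried `request_origin`.

    'reflected-with-credentials' is the dangerous case: the server echoes any Origin
    and also allows credentials, so a page on any site can read authenticated API
    responses from inside the victim's browser.
    """
    acao = response_headers.get("Access-Control-Allow-Origin")
    credentials = response_headers.get("Access-Control-Allow-Credentials", "").lower() == "true"
    if acao is None:
        return "no-cors"
    if acao == "*":
        # Browsers refuse to expose a credentialed response under '*', so this only
        # leaks responses that need no cookie.
        return "wildcard"
    if acao == request_origin and request_origin not in TRUSTED_ORIGINS:
        return "reflected-with-credentials" if credentials else "reflected"
    return "allowlisted"


def vulnerable_cors_headers(request_origin: str) -> Dict[str, str]:
    # The flawed pattern: mirror whatever Origin arrives and allow credentials.
    return {
        "Access-Control-Allow-Origin": request_origin,
        "Access-Control-Allow-Credentials": "true",
    }


def hardened_cors_headers(request_origin: str) -> Dict[str, str]:
    # Only a known origin gets CORS headers; everyone else gets none, so the browser
    # blocks the cross-origin read. 'Vary: Origin' stops a cache from serving one
    # origin's headers to another.
    if request_origin in TRUSTED_ORIGINS:
        return {
            "Access-Control-Allow-Origin": request_origin,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin",
        }
    return {}


def csrf_check(request_headers: Mapping[str, str],
               submitted_token: Optional[str],
               session_token: str) -> bool:
    """Gate a state-changing API call on two things the browser does not add on its own.

    1. The Origin (or, failing that, Referer) header must name a trusted origin.
    2. The request must carry the per-session CSRF token, compared in constant time.
    The session cookie alone proves nothing: browsers attach it to cross-site requests too.
    """
    origin = request_headers.get("Origin") or request_headers.get("Referer", "")
    if not any(origin == t or origin.startswith(t + "/") for t in TRUSTED_ORIGINS):
        return False
    if not submitted_token:
        return False
    return hmac.compare_digest(submitted_token, session_token)
```

In practice the classifier is run against a real response by sending a request with a chosen Origin header and passing the returned headers in; a result of reflected-with-credentials is the condition the CORS entry describes. The prefix match in csrf_check deliberately requires the trailing slash, so an origin such as https://device.local.evil.example is not accepted.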
Winston 1.5.4 devices run a Monit service (not managed as part of the normal user workflow) that is configured with default credentials.
CVSS Score: 7.1
EPSS Score: 0.0
Published: 2020-10-28
Winston 1.5.4 devices are vulnerable to command injection via the API.
CVSS Score: 9.8
EPSS Score: 0.063
Published: 2020-10-28
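The command injection entry does not say which API parameter is affected, so the following added example uses a hypothetical network diagnostic endpoint that takes a target host; it is illustration, not the Winston code. It shows the flawed pattern (an API value interpolated into a shell command line), what the shell actually tokenises from an injected value, and the hardened form: strict validation of the parameter as an IP address or hostname followed by an argv-list execution with no shell. The Python interpreter stands in for the real diagnostic binary so the block runs anywhere.

```python
import ipaddress
import re
import shlex
import subprocess
import sys
from typing import List

# RFC 1123-style hostname: labels of letters, digits and hyphens, no leading hyphen
# (which also blocks option injection such as "-f"), dot separated, at most 253 chars.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def vulnerable_command(target: str) -> str:
    # The bug pattern: an API parameter pasted into a command line that is handed to a shell.
    return f"ping -c 1 {target}"


def injected_words(command: str) -> List[str]:
    """Tokenise the command the way /bin/sh would, with ';', '|', '&' as operators.

    Used only to show what reaches the shell; a ';' token followed by extra words is
    a second command the attacker chose.
    """
    return list(shlex.shlex(command, posix=True, punctuation_chars=True))


def validate_target(target: str) -> str:
    """Return the target if it is an IP address or a hostname, else raise ValueError."""
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass
    if HOSTNAME_RE.match(target):
        return target
    raise ValueError(f"invalid target: {target!r}")


def is_valid_target(target: str) -> bool:
    try:
        validate_target(target)
        return True
    except ValueError:
        return False


def safe_argv(target: str) -> List[str]:
    # Hardened form: validated value placed in an argv list, never a shell string.
    # sys.executable is a portable stand-in for the diagnostic binary (hypothetical).
    return [sys.executable, "-c", "import sys; print(sys.argv[1])", validate_target(target)]


def run_diagnostic(target: str) -> subprocess.CompletedProcess:
    # shell=False is the default for a list argv; a timeout bounds a stuck target.
    return subprocess.run(safe_argv(target), capture_output=True, text=True, timeout=10, check=True)


if __name__ == "__main__":
    # Constructed injected value, not captured from a device.
    payload = "127.0.0.1; cat /etc/passwd"
    print(injected_words(vulnerable_command(payload)))
    print(is_valid_target(payload), is_valid_target("device.local"))
    print(run_diagnostic("127.0.0.1").stdout.strip())
```

Validation before execution matters even with an argv list: a value such as "-f" would be interpreted as an option by the real binary, which is why the hostname pattern rejects a leading hyphen and why an IP address is normalised through the ipaddress module rather than passed through.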
Shodan ® - All rights reserved