1 |
Improper Access Control (CWE-284)
CVE-2019-5136 / TALOS-2019-0925 |
Improper system access as a higher privilege user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
2 |
Use of Hard-coded Cryptographic Key (CWE-321)
CVE-2019-5137 / TALOS-2019-0926 |
Exploitable Hard-coded Cryptographic Key allows for the decryption of captured traffic. |
3 |
Improper Neutralization of Special Elements used in an OS Command (CWE-78)
CVE-2019-5138 / TALOS-2019-0927 |
Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
4 |
Use of Hard-coded Credentials (CWE-798)
CVE-2019-5139 / TALOS-2019-0928 |
Exploitable hard-coded credentials. |
5 |
Improper Neutralization of Special Elements used in an OS Command (CWE-78)
CVE-2019-5140 / TALOS-2019-0929 |
Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
6 |
Improper Neutralization of Special Elements used in an OS Command (CWE-78)
CVE-2019-5141 / TALOS-2019-0930 |
Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
7 |
Improper Neutralization of Special Elements used in an OS Command (CWE-78)
CVE-2019-5142 / TALOS-2019-0931 |
Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
8 |
Buffer Copy without Checking Size of Input (CWE-120)
CVE-2019-5143 / TALOS-2019-0932 |
This vulnerability may cause remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
9 |
Out-of-bounds Read (CWE-125)
CVE-2019-5148 / TALOS-2019-0938 |
An attacker can send a crafted packet and cause denial-of-service of the device. |
10 |
Stack-based Buffer Overflow (CWE-121)
CVE-2019-5153 / TALOS-2019-0944 |
This vulnerability may cause remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
11 |
Improper Access Control (CWE-284)
CVE-2019-5162 / TALOS-2019-0955 |
Improper remote shell access to the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
12 |
Authentication Bypass Using an Alternate Path or Channel (CWE-288)
CVE-2019-5165 / TALOS-2019-0960 |
An exploitable authentication bypass vulnerability. Attacker can trigger authentication bypass on specially configured device. |