VYPR

S14

by Mobotix

CVEs (5)

  • CVE-2019-7674CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user.

  • CVE-2009-5154CriFeb 9, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.

  • CVE-2019-12502HigMay 31, 2019
    risk 0.57cvss 8.8epss 0.01

    There is a lack of CSRF countermeasures on MOBOTIX S14 MX-V4.2.1.61 cameras, as demonstrated by adding an admin account via the /admin/access URI.

  • CVE-2019-7675HigFeb 9, 2019
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI.

  • CVE-2019-7673HigFeb 9, 2019
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format.