VYPR

CS-W50HD

by Planex

CVEs (2)

  • CVE-2017-12574CriAug 24, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the…

  • CVE-2017-12573HigAug 24, 2018
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code.…