Aptus
by Intellian
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-7980 | 0.10 | — | 0.83 | Jan 25, 2020 | Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. | |||
| CVE-2020-8000 | 0.00 | — | 0.02 | Jan 27, 2020 | Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | |||
| CVE-2020-8001 | 0.00 | — | 0.02 | Jan 27, 2020 | The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. | |||
| CVE-2020-7999 | 0.00 | — | 0.01 | Jan 27, 2020 | The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. |
- CVE-2020-7980Jan 25, 2020risk 0.10cvss —epss 0.83
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
- CVE-2020-8000Jan 27, 2020risk 0.00cvss —epss 0.02
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.
- CVE-2020-8001Jan 27, 2020risk 0.00cvss —epss 0.02
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
- CVE-2020-7999Jan 27, 2020risk 0.00cvss —epss 0.01
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY.