VYPR

SkyBridge MB-A200

by Seiko

CVEs (5)

  • CVE-2022-36560CriAug 29, 2022
    risk 0.64cvss 9.8epss 0.01

    Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh.

  • CVE-2022-36559CriAug 29, 2022
    risk 0.64cvss 9.8epss 0.02

    Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain a command injection vulnerability via the Ping parameter at ping_exec.cgi.

  • CVE-2022-36558CriAug 29, 2022
    risk 0.64cvss 9.8epss 0.01

    Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg.

  • CVE-2022-36557CriAug 29, 2022
    risk 0.64cvss 9.8epss 0.01

    Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file.

  • CVE-2022-36556CriAug 29, 2022
    risk 0.64cvss 9.8epss 0.01

    Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01.