VYPR

Amegaview

by Mesa Labs

CVEs (5)

  • CVE-2021-27449CriDec 21, 2021
    risk 0.65cvss 9.9epss 0.03

    Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.

  • CVE-2021-27447CriDec 21, 2021
    risk 0.65cvss 10.0epss 0.02

    Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.

  • CVE-2021-27445HigDec 21, 2021
    risk 0.51cvss 7.8epss 0.00

    Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.

  • CVE-2021-27453HigDec 21, 2021
    risk 0.48cvss 7.3epss 0.01

    Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.

  • CVE-2021-27451HigDec 21, 2021
    risk 0.48cvss 7.3epss 0.01

    Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.