VYPR

P82

by Precor

CVEs (4)

  • CVE-2023-49223HigJun 7, 2024
    risk 0.57cvss 8.8epss 0.00

    Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive information because the root password is stored in /etc/passwd. An attacker could exploit this to extract files and obtain sensitive information.

  • CVE-2023-49222HigJun 7, 2024
    risk 0.57cvss 8.8epss 0.00

    Precor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to gain root privileges.

  • CVE-2023-49224HigJun 7, 2024
    risk 0.52cvss 8.0epss 0.00

    Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the authorized_keys file. A remote attacker could use this key to gain root privileges.

  • CVE-2023-49221HigJun 7, 2024
    risk 0.51cvss 7.8epss 0.00

    Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local network) to bypass security restrictions, and access the service menu, because there is a hard-coded service code.