Vendor

Harman

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-1984	Amx Harman AMX devices	Cri	0.64	9.8	0.02	Jan 22, 2016	The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362.
CVE-2015-8362	Harman Amx Firmware	Cri	0.64	9.8	0.03	Jan 22, 2016	The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984.
CVE-2019-11224	Harman MVP5150		0.02	—	0.27	May 15, 2019	HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection.
CVE-2023-38523	Harman N-Series N1115 Wallplate Video Encoder		0.00	—	0.00	Jul 20, 2023	The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115…

CVE-2016-1984CriJan 22, 2016
Amx
Harman AMX devices
risk 0.64cvss 9.8epss 0.02
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362.
CVE-2015-8362CriJan 22, 2016
Harman
Amx Firmware
risk 0.64cvss 9.8epss 0.03
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984.
CVE-2019-11224May 15, 2019
Harman
MVP5150
risk 0.02cvss —epss 0.27
HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection.
CVE-2023-38523Jul 20, 2023
Harman
N-Series N1115 Wallplate Video Encoder
risk 0.00cvss —epss 0.00
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115…