Vendor

Mesa Labs

Products

CVEs

Across products

Status

Private

Products

CVE	CVSS	EPSS	Published	Description
CVE-2021-27451	—	0.00	Dec 21, 2021	Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.
CVE-2021-27447	—	0.01	Dec 21, 2021	Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
CVE-2021-27453	—	0.00	Dec 21, 2021	Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.
CVE-2021-27449	—	0.01	Dec 21, 2021	Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
CVE-2021-27445	—	0.00	Dec 21, 2021	Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.

CVE-2021-27451Dec 21, 2021
risk 0.00cvss —epss 0.00
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.
CVE-2021-27447Dec 21, 2021
risk 0.00cvss —epss 0.01
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
CVE-2021-27453Dec 21, 2021
risk 0.00cvss —epss 0.00
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.
CVE-2021-27449Dec 21, 2021
risk 0.00cvss —epss 0.01
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
CVE-2021-27445Dec 21, 2021
risk 0.00cvss —epss 0.00
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.