VYPR
Vendor

Teracue

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2018-20218CriMar 21, 2019
    risk 0.68cvss 9.8epss 0.11

    An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any kind of escaping or validation in /usr/share/www/check.lp file. An attacker is able to perform command injection using the…

  • CVE-2018-20219HigMar 21, 2019
    risk 0.57cvss 8.1epss 0.15

    An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the…

  • CVE-2018-20220HigMar 21, 2019
    risk 0.53cvss 7.5epss 0.15

    An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before…