Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2015-2909

Published: 06/02/2020 Updated: 12/02/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Netvu

Vulnerability Summary

Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote malicious users to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states "The user is presented with clear warnings on the GUI that they should set usernames and passwords."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

netvu dv-ip_express_firmware -

netvu sd-advanced_-_sdhd_firmware -

netvu sd-advanced_8\\/12\\/16_vga_firmware -

netvu sd_advanced_closed_iptv_\\(m3u\\)_firmware -

netvu sd_advanced_non_closed_iptv_\\(m3u\\)_firmware -

netvu sd_advanced_nvr_firmware -

netvu sd_32_\\(m3g\\)_firmware -

netvu sd_32_\\(m3h\\)_firmware -

netvu sd_4_\\(m3s\\)_firmware -

netvu sd_4_\\(m3t\\)_firmware -

netvu sd_8\\/12\\/16_no_kbd_\\(m3r\\)_firmware -

netvu sd_8\\/12\\/16_no_kbd_\\(m3s\\)_firmware -

netvu sd_8\\/16_front_panel_kbd_\\(m3r\\)_firmware -

netvu sd_8\\/16_front_panel_kbd_\\(m3u\\)_firmware -

netvu ecosense_4\\/8\\/16_\\(m4t\\)_firmware -

netvu ds2_\\(dvtr\\)_firmware -

netvu ds2_\\(dvtu\\)_firmware -

netvu ds2_\\(dvtx\\)_firmware -

netvu ds2_\\(dvtx\\)_netvu_connected_firmware -

netvu ds2_\\(m2ip\\)_firmware -

References

CWE-269http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/http://www.kb.cert.org/vuls/id/276148https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/276148
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook