Ismartalarm - Cubeone Firmware CVE

Filtered by vendor Ismartalarm Subscribe

Filtered by product Cubeone Firmware

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-7728	1 Ismartalarm	2 Cubeone, Cubeone Firmware	2021-08-25	7.5 HIGH	9.8 CRITICAL
On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography.
CVE-2017-13664	1 Ismartalarm	2 Cubeone, Cubeone Firmware	2017-12-18	5.0 MEDIUM	9.8 CRITICAL
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file.

Vulnerabilities (CVE)