Inim Smartliving 10100L Firmware vulnerabilities
2 known vulnerabilities affecting inim/smartliving_10100l_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-21992P2HIGHCVSS 8.8≤ 6.02021-04-29
CVE-2020-21992 [HIGH] CWE-78 CVE-2020-21992: Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command inject
Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary (ELF 32-bit LSB executable, ARM) is calling the 'sh' executable via the syste
nvd
CVE-2020-21995P2CRITICALCVSS 9.8≤ 6.02021-04-29
CVE-2020-21995 [CRITICAL] CWE-798 CVE-2020-21995: Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker cou
Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.
nvd