Svakom Siime Eye Firmware vulnerabilities
2 known vulnerabilities affecting svakom/siime_eye_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-11920P2CRITICALCVSS 9.8v14.1.00000001.3.330.0.0.3.142021-02-08
CVE-2020-11920 [CRITICAL] CWE-78 CVE-2020-11920: An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulner
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code with root privileges (all of the device's services ar
nvd
CVE-2020-11915P4MEDIUMCVSS 6.8v14.1.00000001.3.330.0.0.3.142021-02-08
CVE-2020-11915 [MEDIUM] CWE-1188 CVE-2020-11915: An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cg
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a reecam4debug default password. This def
nvd