Tattile S.R.L Anpr Mobile vulnerabilities
3 known vulnerabilities affecting tattile_s.r.l/anpr_mobile.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-26341P2CRITICALCVSS 9.8PoC≤ 1.181.52026-02-24
CVE-2026-26341 [CRITICAL] CWE-1392 CVE-2026-26341: Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defaul
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to
nvd
CVE-2026-26342P2CRITICALCVSS 9.8≤ 1.181.52026-02-24
CVE-2026-26342 [CRITICAL] CWE-613 CVE-2026-26342: Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an aut
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token (X-User-Token) with insufficient expiration. An attacker who obtains a valid token (for example via interception, log exposure, or token reuse on a shared system) can continue to authenticate to the management interface until the t
nvd
CVE-2026-26340P3HIGHCVSS 7.5≤ 1.181.52026-02-24
CVE-2026-26340 [HIGH] CWE-306 CVE-2026-26340: Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP stre
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.
nvd