Lucene search

MitreCVE-2020-21995

HistoryApr 29, 2021 - 3:15 p.m.

CVE-2020-21995

2021-04-2915:15:10

CWE-798

mitre

web.nvd.nist.gov

cve-2020-21995

inim electronics

smartliving

smartlan

default credentials

telnet

ssh

ftp

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.023

Percentile

89.9%

JSON

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.

Affected configurations

Nvd

Node

inimsmartliving_505Match-

AND

inimsmartliving_505_firmwareRange≤6.0

Node

inimsmartliving_515Match-

AND

inimsmartliving_515_firmwareRange≤6.0

Node

inimsmartliving_1050Match-

AND

inimsmartliving_1050_firmwareRange≤6.0

Node

inimsmartliving_1050g3Match-

AND

inimsmartliving_1050g3_firmwareRange≤6.0

Node

inimsmartliving_10100lMatch-

AND

inimsmartliving_10100l_firmwareRange≤6.0

Node

inimsmartliving_10100lg3Match-

AND

inimsmartliving_10100lg3_firmwareRange≤6.0

VendorProductVersionCPE
inimsmartliving_505-cpe:2.3:h:inim:smartliving_505:-:*:*:*:*:*:*:*
inimsmartliving_505_firmware*cpe:2.3:o:inim:smartliving_505_firmware:*:*:*:*:*:*:*:*
inimsmartliving_515-cpe:2.3:h:inim:smartliving_515:-:*:*:*:*:*:*:*
inimsmartliving_515_firmware*cpe:2.3:o:inim:smartliving_515_firmware:*:*:*:*:*:*:*:*
inimsmartliving_1050-cpe:2.3:h:inim:smartliving_1050:-:*:*:*:*:*:*:*
inimsmartliving_1050_firmware*cpe:2.3:o:inim:smartliving_1050_firmware:*:*:*:*:*:*:*:*
inimsmartliving_1050g3-cpe:2.3:h:inim:smartliving_1050g3:-:*:*:*:*:*:*:*
inimsmartliving_1050g3_firmware*cpe:2.3:o:inim:smartliving_1050g3_firmware:*:*:*:*:*:*:*:*
inimsmartliving_10100l-cpe:2.3:h:inim:smartliving_10100l:-:*:*:*:*:*:*:*
inimsmartliving_10100l_firmware*cpe:2.3:o:inim:smartliving_10100l_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
inim	smartliving_505	-	cpe:2.3:h:inim:smartliving_505:-:::::::*
inim	smartliving_505_firmware	*	cpe:2.3:o:inim:smartliving_505_firmware::::::::
inim	smartliving_515	-	cpe:2.3:h:inim:smartliving_515:-:::::::*
inim	smartliving_515_firmware	*	cpe:2.3:o:inim:smartliving_515_firmware::::::::
inim	smartliving_1050	-	cpe:2.3:h:inim:smartliving_1050:-:::::::*
inim	smartliving_1050_firmware	*	cpe:2.3:o:inim:smartliving_1050_firmware::::::::
inim	smartliving_1050g3	-	cpe:2.3:h:inim:smartliving_1050g3:-:::::::*
inim	smartliving_1050g3_firmware	*	cpe:2.3:o:inim:smartliving_1050g3_firmware::::::::
inim	smartliving_10100l	-	cpe:2.3:h:inim:smartliving_10100l:-:::::::*
inim	smartliving_10100l_firmware	*	cpe:2.3:o:inim:smartliving_10100l_firmware::::::::

Rows per page:

1-10 of 121

References

www.exploit-db.com/exploits/47763

www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.023

Percentile

89.9%

JSON

Related for CVE-2020-21995