CVE-2020-10207
Severity CVSS v4.0:
Pending analysis
Type:
CWE-798
Use of Hard-coded Credentials
Publication date:
29/12/2020
Last modified:
14/01/2021
Description
Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:amino:ak45x_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:ak45x:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amino:ak5xx_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:ak5xx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amino:ak65x_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:ak65x:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amino:aria6xx_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:aria6xx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amino:aria7xx_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:aria7xx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amino:kami7b_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amino:kami7b:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page