CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-7278
https://notcve.org/view.php?id=CVE-2019-7278
Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service. Los dispositivos Optergy Proton/Enterprise tienen un servicio de envío de SMS no autenticado. • http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-7279
https://notcve.org/view.php?id=CVE-2019-7279
Optergy Proton/Enterprise devices have Hard-coded Credentials. Los dispositivos Optergy Proton/Enterprise tienen credenciales codificadas. • http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 91%CPEs: 2EXPL: 2CVE-2019-7276 – Optergy Proton and Enterprise BMS Command Injection using a backdoor
https://notcve.org/view.php?id=CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. Los dispositivos Optergy Proton/Enterprise permiten la ejecución remota de código raíz a través de una consola Backdoor. • https://www.exploit-db.com/exploits/47641 http://packetstormsecurity.com/files/171564/Optergy-Proton-And-Enterprise-BMS-2.0.3a-Command-Injection.html http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/optergy_bms_backdoor_rce_cve_2019_7276.rb •