Monroe Electronics » R189 One-net Eas : Security Vulnerabilities, CVEs, CVSS score >= 9
The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network.
Max CVSS
10.0
EPSS Score
0.60%
Published
2013-06-30
Updated
2013-07-01
The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU#662676 states "Monroe Electronics could not reproduce this finding.
Max CVSS
10.0
EPSS Score
0.56%
Published
2013-06-30
Updated
2024-04-11
The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.
Max CVSS
10.0
EPSS Score
0.73%
Published
2013-06-30
Updated
2020-01-29
3 vulnerabilities found