Firmware Vulnerability: Arbitrary Command Execution via Password File Exposure in iSmartAlarm CubeOne

CVE-2017-13664 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file.

Learn more about our Web Application Penetration Testing UK.