Sign In
Advisories

Ilevia EVE X1 Server 4.7.18.0.eden Use of Default Credentials

Go Back
severity
critical
date
Affecting

  • EVE X1 Server <= 4.7.18.0.eden

CWE
  • CWE-1392 Use of Default Credentials
CVSS
9.3
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Credit
Gjoko Krstic of Zero Science Lab
Description
Ilevia EVE X1 Server firmware versions <= 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.