Vulnerabilities in Auto-Maskin
4 resultsCVE-2018-5399CRITICALThe Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running and is configured with a hard-coded credentialsEPSS 2.1%CVE-2018-5402CRITICALThe Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PINEPSS 0.9%CVE-2018-5401CRITICALThe Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actorsEPSS 0.9%CVE-2018-5400CRITICALThe Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices, resulting in an origin validation errorEPSS 0.7%