← back
CVE-2019-6814

CVE-2019-6814

EPSS 36.6%CWE-287
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 36.6%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
25 Jan 2019Metasploit module available
22 May 2019Published on NVD
29 Jul 2019Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI.
Affected products
n/a · ÊNET55XX Encoder with firmware prior to version 2.1.9.Ê
public PoCs found1
exploitdbwww.exploit-db.com/exploits/47186unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.se.com/ww/en/download/document/SEVD-2019-134-01/