CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-37555

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1800%
EPSS Percentile43.74th
Published2021年7月26日
Last Modified2024年11月21日

Vulnerability Description

TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).

Affected Platforms (CPE)

💻
Trixie

Tx9 Automatic Food Dispenser Firmware

= 3.2.57

References & Advisories

🔗 http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-296520
🔗 http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-296520

関連する脆弱性情報

CVE-2021-3303210.0

A Remote Code Execution (RCE) vulnerability in the WebUI component of the eQ-3 HomeMatic CCU2 firmware up to and including version...

CVE-2021-3279810.0

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can ex...

CVE-2021-3011610.0

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offe...

CVE-2021-3851610.0

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 be...