PT-2020-15663 · Uraytech · Uraytech Iptv/H.264/H.265 Video Encoders

Alexei Kojenov

·

Published

2020-10-06

·

Updated

2020-10-20

·

CVE-2020-24218

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions URayTech IPTV/H.264/H.265 video encoders versions prior to 1.98
Description An issue was discovered that allows attackers to log in as root via a hard-coded password in the executable file.
Recommendations For versions prior to 1.98, update to version 1.98 or later to resolve the issue.

Exploit

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2020-24218

Affected Products

Uraytech Iptv/H.264/H.265 Video Encoders