GCVE - cpe:2.3:o:amino:aria7xx_firmware:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:amino:aria7xx_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Amino (`87511d93-801e-5404-9ca3-a76f0aa13bd7`)
Product	Aria7Xx Firmware (`d43a9f58-7fd1-54b6-ba65-db310dc06502`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-10210`	vulnerable	2026-06-08 05:16:34.874218	Details available Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH. Published: 2020-12-29T22:10:05.000Z Updated: 2024-08-04T10:58:39.825Z Open on db.gcve.eu Reference links https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#1ab7	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10209`	vulnerable	2026-06-08 05:16:34.873616	Details available Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges. Published: 2020-12-29T23:43:53.000Z Updated: 2024-08-04T10:58:39.999Z Open on db.gcve.eu Reference links https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#4dbc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10208`	vulnerable	2026-06-08 05:16:34.873020	Details available Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges. Published: 2020-12-29T23:41:12.000Z Updated: 2024-08-04T10:58:39.621Z Open on db.gcve.eu Reference links https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#9cf3	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10207`	vulnerable	2026-06-08 05:16:34.872405	Details available Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings. Published: 2020-12-29T22:15:06.000Z Updated: 2024-08-04T10:58:39.622Z Open on db.gcve.eu Reference links https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#87fe	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10206`	vulnerable	2026-06-08 05:16:34.870165	Details available Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device. Published: 2020-12-29T23:47:17.000Z Updated: 2024-08-04T10:58:39.907Z Open on db.gcve.eu Reference links https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#dda4	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.