Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2081 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 7.5 HIGH | 9.8 CRITICAL |
Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts. | |||||
CVE-2015-9254 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 7.5 HIGH | 9.8 CRITICAL |
Datto ALTO and SIRIS devices have a default VNC password. | |||||
CVE-2015-9256 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default. | |||||
CVE-2015-9255 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, software versions, configuration, and virtual machines via a request to a Web Virtual Directory. |