CVE-2013-4862

Published: 2020-01-28T17:15Z

Last Modified: 2024-11-21T01:56Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt