RELAYTO Penetration Test Results

| Result | Check name | CVE | Publication date | Scanning engine | CVSS rating | Risk factor |
|---|---|---|---|---|---|---|
| Pass | Sawmill 8.x < 8.1.7.3 Arbitrary File Disclosure | | 01 Nov 2010 | | 7.8 (v2) | High |
| Pass | Cisco IOS Software Multicast Source Discovery Protocol DoS (cisco-sa-20120328-msdp) | CVE-2012-0382 | 02 Apr 2012 | | 7.1 (v2) | High |
| Pass | Arista Networks CloudVision Portal Privilege Escalation (SA0044) | CVE-2019-18181 | 08 Jul 2020 | | 7.8 (v3) | High |
| Pass | Novatel MiFi Default Credentials | | 08 Nov 2010 | | 10 (v2) | Critical |
| Pass | Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545) | | 25 Apr 2012 | | 7.1 (v2) | High |
| Pass | OS Identification : SIP | | 10 Nov 2010 | | | None |
| Pass | ignitionServer umode Command Global Operator Privilege Escalation | CVE-2004-2553 | 27 Aug 2004 | | 6 (v2) | Medium |
| Pass | FeedList Plugin for WordPress 'i' Parameter XSS | CVE-2010-4637 | 18 Nov 2010 | | 4.3 (v2) | Medium |
| Pass | Novell GroupWise Document Viewer Agent Arbitrary File Download | CVE-2010-4715 | 23 Nov 2010 | | 7.8 (v2) | High |
| Pass | Novell GroupWise Document Viewer Agent Web Console Accessible | | 23 Nov 2010 | | 5 (v2) | Medium |
| Pass | Novell GroupWise Internet Agent Accessible | | 23 Nov 2010 | | 6.4 (v2) | Medium |
| Pass | Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST) | CVE-2015-0204 CVE-2015-0235 | 11 Dec 2015 | | 10 (v2) | Critical |
| Pass | Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST) | CVE-2011-1004 CVE-2011-1005 CVE-2011-1777 CVE-2011-1778 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-2895 CVE-2011-3212 CVE-2011-3389 CVE-2011-3919 CVE-2011-4566 CVE-2011-4815 CVE-2011-4885 CVE-2012-0036 CVE-2012-0642 CVE-2012-0649 CVE-2012-0652 CVE-2012-0654 CVE-2012-0655 CVE-2012-0656 CVE-2012-0657 CVE-2012-0658 CVE-2012-0659 CVE-2012-0660 CVE-2012-0661 CVE-2012-0662 CVE-2012-0675 CVE-2012-0830 | 10 May 2012 | | 10 (v2) | Critical |
| Pass | FTP Server Traversal Arbitrary File Access (RETR) | | 24 Nov 2010 | | 5.3 (v3) | Medium |
| Pass | DiskPulse Server Default Credentials | | 09 Dec 2010 | | 10 (v2) | Critical |
| Pass | Remote Code Execution in DiskPulse Server | | 09 Dec 2010 | | 10 (v2) | Critical |
| Pass | Juniper Junos ICMPv6 DoS (PSN-2012-07-644) | | 17 Jul 2012 | | 5.4 (v2) | Medium |
| Pass | EMC Documentum D2 < 4.1 P22 / 4.2 P11 Multiple Vulnerabilities (ESA-2015-010) | CVE-2015-0517 CVE-2015-0518 | 13 Feb 2015 | | 9 (v2) | High |
| Pass | pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam) | CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4000 CVE-2015-4029 CVE-2015-4171 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644 CVE-2015-6508 CVE-2015-6509 CVE-2015-6510 CVE-2015-6511 | 31 Jan 2018 | | 9.8 (v3) | Critical |
| Pass | BMC SNMP Agent Default Community Name (public) | | 14 Dec 2010 | | 7.5 (v2) | High |
| Pass | INN < 2.2.2 Crafted Article Handling Remote Overflow | CVE-2000-0360 | 08 Sep 2004 | | 5 (v2) | Medium |
| Pass | Juniper Junos load factory-default Privilege Escalation (PSN-2012-07-646) | | 17 Jul 2012 | | 6.3 (v2) | Medium |
| Pass | Juniper Junos J-Web Hash Collision DoS (PSN-2012-07-650) | | 17 Jul 2012 | | 7.8 (v2) | High |
| Pass | Openfire Admin Console login.jsp XSS | | 13 Dec 2010 | | 4.3 (v2) | Medium |
| Pass | Juniper Junos lo0 Firewall Bypass (PSN-2012-07-651) | | 17 Jul 2012 | | 7.1 (v2) | High |
| Pass | Juniper Junos host-inbound-traffic Implicit Allow (PSN-2012-07-653) | | 17 Jul 2012 | | 4 (v2) | Medium |
| Pass | DD-WRT Info.live.htm Information Disclosure | | 30 Dec 2010 | | 3.3 (v2) | Low |
| Pass | Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20120926-dhcp) | CVE-2012-4621 | 28 Sep 2012 | | 7.8 (v2) | High |
| Pass | Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606) | CVE-2019-1606 | 21 Jun 2019 | | 7.8 (v3) | High |
| Pass | HP StorageWorks MSA P2000 Default Credentials | CVE-2012-0697 | 05 Jan 2011 | | 9.8 (v3) | Critical |
| Pass | PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS | CVE-2010-4645 | 07 Jan 2011 | | 5 (v2) | Medium |
| Pass | OpenBiblio < 0.5.2 Multiple Scripts Local File Inclusion | CVE-2006-5149 | 03 Oct 2006 | | 7.5 (v2) | High |
| Pass | Openfiler Management Interface Default Administrator Credentials | | 12 Jan 2011 | | 7.5 (v2) | High |
| Pass | Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability (cisco-sa-20120926-dhcpv6) | CVE-2012-4623 | 28 Sep 2012 | | 7.8 (v2) | High |
| Pass | PRTG Network Monitor Default Credentials | | 04 Feb 2011 | | 7.5 (v2) | High |
| Pass | Microsoft System Center Configuration Manager Management Point Detection | | 01 Feb 2011 | | | None |
| Pass | Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20120926-sip) | CVE-2012-3949 | 28 Sep 2012 | | 7.8 (v2) | High |
| Pass | PRTG Network Monitor login.htm errormsg Parameter XSS | | 04 Feb 2011 | | 4.3 (v2) | Medium |
| Pass | Arista Networks Networks CloudVision Portal IP fragment DoS (SA0037) | CVE-2018-5391 | 09 Jul 2020 | | 7.5 (v3) | High |
| Pass | MailEnable IMAP Server (meimaps.exe) Crafted RENAME Command Remote DoS | CVE-2005-3813 | 28 Nov 2005 | | 4 (v2) | Medium |
| Pass | F-Secure Internet Gatekeeper Default Administrator Credentials | | 18 Feb 2011 | | 7.5 (v2) | High |
| Pass | Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities | CVE-2011-3058 CVE-2012-2088 CVE-2012-3749 CVE-2012-3756 CVE-2013-0963 CVE-2013-0966 CVE-2013-0967 CVE-2013-0969 CVE-2013-0970 CVE-2013-0971 CVE-2013-0976 | 15 Mar 2013 | | 9.3 (v2) | High |
| Pass | Cisco NX-OS Software Border Gateway Protocol DoS (cisco-sa-20180620-nxosbgp) | CVE-2018-0295 | 09 Jul 2020 | | 7.5 (v3) | High |
| Pass | Cisco IOS Software Network Address Translation Vulnerability (cisco-sa-20130327-nat) | CVE-2013-1142 | 10 Apr 2013 | | 7.8 (v2) | High |
| Pass | Cisco NX-OS Software Internet Group Management Protocol Snooping RCE and DoS (cisco-sa-20180620-nxosigmp) | CVE-2018-0292 | 09 Jul 2020 | | 8.8 (v3) | High |
| Pass | Juniper Junos Proxy ARP DoS (PSN-2013-04-913) | | 20 May 2013 | | 7.8 (v2) | High |
| Pass | Adobe ColdFusion Admin Requires No Authentication | | 05 Apr 2011 | | 7.5 (v2) | High |
| Pass | Juniper Junos IPv6 Egress Filter DoS (PSN-2013-04-915) | | 20 May 2013 | | 7.1 (v2) | High |
| Pass | Cisco Email Security Appliance Internal Testing Interface RCE | CVE-2016-6406 | 05 Oct 2016 | | 9.8 (v3) | Critical |
| Pass | pfSense Detection | | 22 Feb 2018 | | | None |
| Pass | NUUO NVRMini2 Authenticated Command Injection | CVE-2018-15716 | 03 Dec 2018 | | 8.8 (v3) | High |
| Pass | Juniper Junos GRE DoS (PSN-2013-04-917) | | 20 May 2013 | | 6.1 (v2) | Medium |
| Pass | Zend Server Java Bridge Arbitrary Java Code Execution | | 22 Apr 2011 | | 10 (v2) | Critical |
| Pass | Grandstream SIP Detection | | 28 Mar 2019 | | | None |
| Pass | MediaWiki API XSS | CVE-2011-1587 | 15 Apr 2011 | | 4.3 (v2) | Medium |
| Pass | WordPress < 2.1.1 Multiple Script Backdoors | CVE-2007-1277 | 02 Mar 2007 | | 7.5 (v2) | High |
| Pass | NCR Aloha POS SOAP API Detection | | 29 Mar 2018 | | | None |
| Pass | Juniper Junos DNSSEC Validation DoS (PSN-2013-04-918) | CVE-2012-3817 | 20 May 2013 | | 7.8 (v2) | High |
| Pass | Puppet Enterprise x < 2018.1.9 / 2019.x.x < 2019.0.3 Default Password Vulnerabilities | CVE-2019-10694 | 09 Oct 2019 | | 9.8 (v3) | Critical |
| Pass | EMC RSA Archer WebUI Detection | | 07 Jul 2017 | | | None |
| Pass | Oracle Primavera Unifier Detection | | 21 Jul 2017 | | | None |
| Pass | IceWarp install/index.html lang Parameter XSS | | 11 May 2011 | | 4.3 (v2) | Medium |
| Pass | is_human() Plugin for WordPress 'type' Parameter Command Injection | | 18 May 2011 | | 7.5 (v2) | High |
| Pass | IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Overflows | CVE-2007-1868 | 03 May 2007 | | 10 (v2) | Critical |
| Pass | Postfix Cyrus SASL Authentication Context Data Reuse Memory Corruption (exploit) | CVE-2011-1720 | 19 May 2011 | | 6.8 (v2) | Medium |
| Pass | Vacron NVR Web Interface Detection | | 24 Oct 2017 | | | None |
| Pass | AOST Network Video Recorder Detection | | 25 Oct 2017 | | | None |
| Pass | IBM BigFix Remote Control Detection | | 27 Dec 2016 | | | None |
| Pass | Cisco NX-OS Software Image Signature Verification (cisco-sa-20190306-nxos-sig-verif) | CVE-2019-1615 | 09 Jul 2020 | | 6.7 (v3) | Medium |
| Pass | SiteMinder 5.5 Multiple Script XSS | CVE-2005-2204 | 11 Jul 2005 | | 4.3 (v2) | Medium |
| Pass | Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1779) | CVE-2019-1779 | 02 Sep 2019 | | 6.7 (v3) | Medium |
| Pass | Kodi Media Player Detection | | 22 Mar 2017 | | | None |
| Pass | SonicWALL Global Management System (GMS) / Analyzer Universal Management Appliance or Host (UMA / UMH) Information Disclosure | | 09 Dec 2016 | | 5.3 (v3) | Medium |
| Pass | HP Onboard Administrator < 4.22 Remote Information Disclosure | CVE-2014-0224 | 03 Jul 2014 | | 5.8 (v2) | Medium |
| Pass | WPtouch Plugin for WordPress 'wptouch_redirect' Parameter URL Redirection | | 28 Jun 2011 | | 4.3 (v2) | Medium |
| Pass | ManageEngine ServiceDesk Plus Default Administrator Credentials | | 28 Jun 2011 | | 7.5 (v2) | High |
| Pass | Apple iTunes < 12.9.6 Multiple Vulnerabilities (uncredentialed check) | CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8685 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-13118 | 26 Jul 2019 | | 8.8 (v3) | High |
| Pass | Active Directory Certificate Services Web Enrollment Anonymous Access | | 15 Jun 2011 | | 5 (v2) | Medium |
| Pass | Mac OS X 10.8.x < 10.8.4 Multiple Vulnerabilities | CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0050 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-4929 CVE-2012-5519 CVE-2013-0975 CVE-2013-0982 CVE-2013-0983 CVE-2013-0985 CVE-2013-0986 CVE-2013-0987 CVE-2013-0988 CVE-2013-0989 CVE-2013-0990 CVE-2013-1024 | 05 Jun 2013 | | 9.3 (v2) | High |
| Pass | Polycom SoundPoint IP Phones reg_1.html SIP Information Disclosure | | 22 Jun 2011 | | 5 (v2) | Medium |
| Pass | Trend Micro Data Loss Prevention Virtual Appliance Encoded Traversal Arbitrary File Access | | 29 Jun 2011 | | 5 (v2) | Medium |
| Pass | eScan < 9.0.718.1 MicroWorld Agent service (MWAGENT.EXE) Command Decryption Overflow | CVE-2007-2687 | 24 May 2007 | | 10 (v2) | Critical |
| Pass | Adobe ColdFusion Remote Development Services Enabled Without Authentication | | 05 Jul 2011 | | 6.4 (v2) | Medium |
| Pass | SQL Dump Files Disclosed via Web Server | | 21 Jul 2011 | | 5 (v2) | Medium |
| Pass | OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities | CVE-2017-3730 CVE-2017-3731 CVE-2017-3732 | 30 Jan 2017 | | 5.9 (v3) | Medium |
| Pass | Oracle iPlanet Web Server 7.0.x < 7.0.20 Multiple Vulnerabilities | CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 | 18 Jul 2014 | | 7.5 (v2) | High |
| Pass | SolarWinds Server & Application Monitor (SAM) Detection | | 03 Jun 2016 | | | None |
| Pass | SolarWinds Virtualization Manager Detection | | 13 Jul 2016 | | | None |
| Pass | Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection | CVE-2011-2261 | 25 Jul 2011 | | 10 (v2) | Critical |
| Pass | MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) (uncredentialed check) | CVE-2011-1263 | 09 Aug 2011 | | 4.3 (v2) | Medium |
| Pass | Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) Remote Code Execution | CVE-2007-2279 | 04 Jun 2007 | | 9.3 (v2) | High |
| Pass | iniNet SpiderControl SCADA Web Server 2.02 Local Privilege Escalation | | 27 Jan 2016 | | 7.2 (v2) | High |
| Pass | Cisco Security Manager Web Server Detection | | 05 Feb 2016 | | | None |
| Pass | HP SiteScope Default Credentials | | 31 Aug 2011 | | 7.5 (v2) | High |
| Pass | CGI Generic XSS (extended patterns) | | 03 Aug 2011 | | 4.3 (v2) | Medium |
| Pass | macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 / 10.12.x < 10.12.6 Update 2019-005 Out-of-Bounds Read Vulnerability | CVE-2019-8641 | 30 Sep 2019 | | 9.8 (v3) | Critical |
| Pass | Netatalk OpenSession Remote Code Execution | CVE-2018-1160 | 20 Dec 2018 | | 9.8 (v3) | Critical |
| Pass | PCI DSS Compliance : Insecure Communication Has Been Detected | | 15 Sep 2011 | | 5.3 (v3) | Medium |
| Pass | GoodTech SMTP Server < 5.17 Multiple Buffer Overflows | CVE-2005-2387 | 04 Aug 2005 | | 10 (v2) | Critical |
| Pass | NetIQ Access Manager Detect | | 18 Feb 2015 | | | None |
| Pass | IBM Rational ClearQuest Web Client Detection | | 12 Mar 2015 | | | None |
| Pass | ManageEngine NetFlow Analyzer Detection | | 16 Mar 2015 | | | None |
| Pass | Visualware MyConnection Server Web Detection | | 02 Apr 2015 | | | None |
| Pass | Apache <= 2.0.51 Satisfy Directive Access Control Bypass | CVE-2004-0811 | 23 Sep 2004 | | 7.3 (v3) | High |
| Pass | SSL Certificate Fails to Adhere to Basic Constraints / Key Usage Extensions | | 23 Sep 2011 | | 6.4 (v2) | Medium |
| Pass | SMB Use Host SID to Enumerate Local Users Without Credentials | CVE-2000-1200 | 15 Sep 2011 | | 5.3 (v3) | Medium |
| Pass | CGI Generic XPath Injection (2nd pass) | | 21 Sep 2011 | | 5 (v2) | Medium |
| Pass | HP Operations Orchestration Detection | | 07 May 2015 | | | None |
| Pass | ManageEngine ADSelfService Plus resetUnLock Authentication Bypass | CVE-2011-3485 | 14 Oct 2011 | | 7.5 (v2) | High |