RELAYTO Penetration Test Results (101/101)

Pass HP Managed Printing Administration < 2.7.0 XSS CVE-2012-5219 30 Apr 2013 4.3 (v2) Medium Pass Lexmark Markvision Enterprise Default Credentials 06 May 2013 7.5 (v2) High Pass Lexmark Markvision Enterprise Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Groovy Shell Unauthenticated Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Android Emulator Telnet Port on Remote Host 11 May 2013 7.5 (v2) High Pass IBM SPSS SamplePower 3.0 < 3.0 FP 1 Multiple ActiveX Controls Arbitrary Code Execution CVE-2012-5945 CVE-2012-5946 CVE-2012-5947 CVE-2013-0593 16 May 2013 9.3 (v2) High Pass Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities CVE-2008-4546 CVE-2009-0796 CVE-2009-0946 CVE-2009-2473 CVE-2009-2474 CVE-2009-2624 CVE-2009-3793 CVE-2009-4134 CVE-2010-0001 CVE-2010-0105 CVE-2010-0205 CVE-2010-0209 CVE-2010-0211 CVE-2010-0212 CVE-2010-0397 CVE-2010-0408 CVE-2010-0434 CVE-2010-1205 CVE-2010-1297 CVE-2010-1378 CVE-2010-1449 CVE-2010-1450 CVE-2010-1752 CVE-2010-1803 CVE-2010-1811 CVE-2010-1828 CVE-2010-1829 CVE-2010-1830 CVE-2010-1831 CVE-2010-1832 CVE-2010-1833 CVE-2010-1834 CVE-2010-1836 CVE-2010-1837 CVE-2010-1838 CVE-2010-1840 CVE-2010-1841 CVE-2010-1842 CVE-2010-1843 CVE-2010-1844 CVE-2010-1845 CVE-2010-1846 CVE-2010-1847 CVE-2010-1848 CVE-2010-1849 CVE-2010-1850 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 CVE-2010-2189 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 CVE-2010-2249 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2531 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-2884 CVE-2010-2941 CVE-2010-3053 CVE-2010-3054 CVE-2010-3636 CVE-2010-3638 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 CVE-2010-3783 CVE-2010-3784 CVE-2010-3785 CVE-2010-3786 CVE-2010-3787 CVE-2010-3788 CVE-2010-3789 CVE-2010-3790 CVE-2010-3791 CVE-2010-3792 CVE-2010-3793 CVE-2010-3794 CVE-2010-3795 CVE-2010-3796 CVE-2010-3797 CVE-2010-3798 CVE-2010-397610 Nov 2010 10 (v2) Critical Pass VMware vCenter Server 5.5.x / 6.0.x / 6.5.x / 6.7.x Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020)CVE-2018-3646 15 Aug 2018 5.6 (v3) Medium Pass Xerox ColorQube 92XX Multiple OpenSSL Vulnerabilities (XRX15AD) (FREAK) (GHOST) (POODLE) CVE-2014-3566 CVE-2015-0204 CVE-2015-0235 11 Dec 2015 10 (v2) Critical Pass Palo Alto Networks PAN-OS 6.0.x < 6.0.14 Multiple Vulnerabilities 26 Aug 2016 8.8 (v3) High Pass Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities CVE-2006-7243 CVE-2010-0405 CVE-2010-1323 CVE-2010-1324 CVE-2010-1452 CVE-2010-2068 CVE-2010-2950 CVE-2010-3069 CVE-2010-3089 CVE-2010-3315 CVE-2010-3434 CVE-2010-3709 CVE-2010-3710 CVE-2010-3801 CVE-2010-3802 CVE-2010-3814 CVE-2010-3855 CVE-2010-3870 CVE-2010-4008 CVE-2010-4009 CVE-2010-4020 CVE-2010-4021 CVE-2010-4150 CVE-2010-4260 CVE-2010-4261 CVE-2010-4409 CVE-2010-4479 CVE-2010-4494 CVE-2011-0170 CVE-2011-0172 CVE-2011-0173 CVE-2011-0174 CVE-2011-0175 CVE-2011-0176 CVE-2011-0177 CVE-2011-0178 CVE-2011-0179 CVE-2011-0180 CVE-2011-0181 CVE-2011-0182 CVE-2011-0183 CVE-2011-0184 CVE-2011-0186 CVE-2011-0187 CVE-2011-0188 CVE-2011-0189 CVE-2011-0190 CVE-2011-0191 CVE-2011-0192 CVE-2011-0193 CVE-2011-0194 CVE-2011-141722 Mar 2011 7.6 (v2) High Pass Junos Space WebUI Default Credentials 31 May 2013 7.5 (v2) High Pass mDNS Detection (Local Network) 31 May 2013 None Pass HP System Management Homepage < 7.2.0.14 iprange Parameter Code Execution 22 May 2013 9.3 (v2) High Pass Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.12 / 6.3.8 / 6.4.4 or Splunk Light < 6.5.0 Multiple VulnerabilitiesCVE-2016-0772 CVE-2016-5636 CVE-2016-5699 17 Nov 2016 9.8 (v3) Critical Pass VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005) CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 05 Jun 2013 7.5 (v2) High Pass Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check) CVE-2013-0990 06 Jun 2013 4.9 (v2) Medium Pass SAP Control SOAP Web Service Remote Code Execution (SAP Note 1414444) 05 Jun 2013 10 (v2) Critical Pass Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check) CVE-2013-1080 18 Jun 2013 10 (v2) Critical Pass ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check) CVE-2018-6981 CVE-2018-6982 12 Nov 2018 8.8 (v3) High Pass Elasticsearch ESA-2017-18 CVE-2017-8447 22 Aug 2018 6.5 (v3) Medium Pass GroundWork Monitor Enterprise Default Credentials 28 Jun 2013 7.5 (v2) High Pass Cisco IOS XE Buﬀer Overﬂow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Joomla! Unsupported Version Detection 07 Nov 2014 10 (v3) Critical Pass Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA) CVE-2014-0076 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 03 Nov 2015 5.8 (v2) Medium Pass Acunetix Web Vulnerability Scanner 4 < 4.0.20060717 Denial of Service CVE-2007-0120 02 Apr 2014 1.9 (v2) Low Pass Cisco IOS XE SD-WAN Buﬀer Overﬂow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities CVE-2009-3245 CVE-2010-0740 CVE-2010-2632 CVE-2010-3677 CVE-2010-3682 CVE-2010-3790 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3864 CVE-2010-4180 CVE-2010-4651 CVE-2011-0014 CVE-2011-0195 CVE-2011-0197 CVE-2011-0198 CVE-2011-0199 CVE-2011-0201 CVE-2011-0202 CVE-2011-0203 CVE-2011-0204 CVE-2011-0205 CVE-2011-0206 CVE-2011-0207 CVE-2011-0208 CVE-2011-0209 CVE-2011-0210 CVE-2011-0211 CVE-2011-0212 CVE-2011-0213 CVE-2011-0715 CVE-2011-0719 CVE-2011-113224 Jun 2011 10 (v2) Critical Pass Axon Virtual PBX /logon Multiple Parameter XSS CVE-2009-4038 12 Nov 2009 4.3 (v2) Medium Pass Zimbra Collaboration Server aspell.php dictionary Parameter XSS CVE-2013-1938 24 Feb 2014 4.3 (v2) Medium Pass VLC Web Interface XML Services XSS CVE-2013-3564 23 Jul 2013 4.3 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 07 Dec 2015 5 (v2) Medium Pass SAXoPRESS pbcs.dll url Parameter Traversal Arbitrary File Access CVE-2006-1771 17 Apr 2006 5 (v2) Medium Pass Cisco ONS Products Remote DoS CVE-2008-3818 25 Jul 2013 7.8 (v2) High Pass Juniper Junos IPv6 over IPv4 Security Policy Bypass (PSN-2011-07-299) 22 Aug 2011 5 (v2) Medium Pass Serv-U < 14.0.2.0 FTP Server SSL Renegotiation DoS 25 Jul 2013 5 (v2) Medium Pass Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam) CVE-2015-0204 CVE-2015-3963 CVE-2015-4000 11 Dec 2015 5.8 (v2) Medium Pass BigTree CMS Detection 15 Aug 2013 None Pass ZTE F460 / F660 Cable Modems web_shell_cmd.gch Administrative Backdoor CVE-2014-2321 19 Mar 2014 10 (v2) Critical Pass Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities CVE-2010-1634 CVE-2010-2089 CVE-2011-0185 CVE-2011-0187 CVE-2011-0226 CVE-2011-0230 CVE-2011-0260 CVE-2011-1521 CVE-2011-1755 CVE-2011-1910 CVE-2011-2464 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3192 CVE-2011-3212 CVE-2011-3213 CVE-2011-3215 CVE-2011-3216 CVE-2011-3219 CVE-2011-3220 CVE-2011-3221 CVE-2011-3222 CVE-2011-3223 CVE-2011-3225 CVE-2011-3226 CVE-2011-3227 CVE-2011-3228 CVE-2011-3246 CVE-2011-3435 CVE-2011-3436 CVE-2011-343713 Oct 2011 10 (v2) Critical Pass Puppet Enterprise 3.x < 3.1.2 DTLS Retransmission DoS CVE-2013-6450 21 Mar 2014 5.8 (v2) Medium Pass MailEnable < 1.7 IMAP Server Multiple Vulnerabilities (ME-100008) CVE-2005-3690 CVE-2005-3691 20 Nov 2005 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.39 Multiple Vulnerabilities CVE-2009-2747 11 Feb 2010 5 (v2) Medium Pass Splunk < 5.0.8 Unspeciﬁed XSS CVE-2014-2578 28 Mar 2014 4.3 (v2) Medium Pass Cisco Video Surveillance Manager Default Administrator Credentials 12 Sep 2013 9.8 (v3) Critical Pass PatchLink Update Server nwupload.asp Traversal Arbitrary File Write CVE-2006-3426 28 Jul 2006 5 (v2) Medium Pass Cisco Digital Media Manager < 5.3 Privilege Escalation CVE-2012-0329 18 Sep 2013 9 (v2) High Pass QNAP Photo Station < 5.7.0 Cross-Site Scripting Vulnerability CVE-2018-0715 03 Oct 2018 6.1 (v3) Medium Pass HP SiteScope SOAP Call runOMAgentCommand SOAP Request Arbitrary Remote Code Execution CVE-2013-2367 19 Sep 2013 10 (v2) Critical Pass PHP 5.5.x < 5.5.32 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-434211 Feb 2016 9.8 (v3) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0009) (remote check) CVE-2012-1516 CVE-2012-1517 CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 29 Feb 2016 9 (v2) High Pass Artica mailattach Parameter Directory Traversal 25 Oct 2010 7.8 (v2) High Pass Canon PIXMA Printer Administration Authentication Bypass CVE-2013-4613 07 Apr 2014 7.5 (v2) High Pass macOS < 10.14 Multiple Vulnerabilities CVE-2016-0702 CVE-2015-3194 CVE-2015-5333 CVE-2015-5334 CVE-2016-1777 CVE-2017-12613 CVE-2017-12618 CVE-2018-3639 CVE-2018-3646 CVE-2018-4126 CVE-2018-4153 CVE-2018-4203 CVE-2018-4295 CVE-2018-4304 CVE-2018-4308 CVE-2018-4310 CVE-2018-4321 CVE-2018-4324 CVE-2018-4326 CVE-2018-4331 CVE-2018-4332 CVE-2018-4333 CVE-2018-4334 CVE-2018-4336 CVE-2018-4337 CVE-2018-4338 CVE-2018-4340 CVE-2018-4341 CVE-2018-4343 CVE-2018-4344 CVE-2018-4346 CVE-2018-4347 CVE-2018-4348 CVE-2018-4350 CVE-2018-4351 CVE-2018-4353 CVE-2018-4354 CVE-2018-4355 CVE-2018-4383 CVE-2018-4393 CVE-2018-4395 CVE-2018-4396 CVE-2018-4399 CVE-2018-4401 CVE-2018-4406 CVE-2018-4407 CVE-2018-4408 CVE-2018-4411 CVE-2018-4412 CVE-2018-4414 CVE-2018-4417 CVE-2018-4418 CVE-2018-4425 CVE-2018-4426 CVE-2018-538318 Oct 2018 9.8 (v3) Critical Pass Default Password (artica) for 'root' Account CVE-1999-0502 25 Oct 2010 9.8 (v3) Critical Pass Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST) CVE-2011-1148 CVE-2011-1167 CVE-2011-1657 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 CVE-2011-1938 CVE-2011-2192 CVE-2011-2202 CVE-2011-2483 CVE-2011-2895 CVE-2011-2937 CVE-2011-3182 CVE-2011-3189 CVE-2011-3246 CVE-2011-3248 CVE-2011-3249 CVE-2011-3250 CVE-2011-3256 CVE-2011-3267 CVE-2011-3268 CVE-2011-3328 CVE-2011-3348 CVE-2011-3389 CVE-2011-3422 CVE-2011-3441 CVE-2011-3444 CVE-2011-3446 CVE-2011-3447 CVE-2011-3448 CVE-2011-3449 CVE-2011-3450 CVE-2011-3452 CVE-2011-3453 CVE-2011-3457 CVE-2011-3458 CVE-2011-3459 CVE-2011-3460 CVE-2011-3462 CVE-2011-346302 Feb 2012 10 (v2) Critical Pass Artica Detection 25 Oct 2010 None Pass Revive Adserver Detection 26 Jun 2014 None 101

RELAYTO Penetration Test Results - Page 101

RELAYTO Penetration Test Results Page 100