CVE-2019-16734

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
skymeepetalk_ai_firmware
3.2.2.30
petwantpf-103_firmware
4.22.2.42
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3
https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3