CVE-2020-21995

CRITICAL

Inim Smartliving 505 Firmware < 6.0 - Hard-coded Credentials

Title source: rule

Description

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalhardware

https://www.exploit-db.com/exploits/47763

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/47763

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php

Scores

CVSS v3 9.8

EPSS 0.0066

EPSS Percentile 71.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-798

Status published

Products (6)

inim/smartliving_10100l_firmware < 6.0

inim/smartliving_10100lg3_firmware < 6.0

inim/smartliving_1050_firmware < 6.0

inim/smartliving_1050g3_firmware < 6.0

inim/smartliving_505_firmware < 6.0

inim/smartliving_515_firmware < 6.0

Published Apr 29, 2021

Tracked Since Feb 18, 2026