Datto » Alto 2 Firmware : Security Vulnerabilities, CVEs, CVSS score >= 5
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default.
Max CVSS
5.3
EPSS Score
0.13%
Published
2018-02-20
Updated
2018-03-19
Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, software versions, configuration, and virtual machines via a request to a Web Virtual Directory.
Max CVSS
5.3
EPSS Score
0.13%
Published
2018-02-20
Updated
2018-03-19
Datto ALTO and SIRIS devices have a default VNC password.
Max CVSS
9.8
EPSS Score
0.19%
Published
2018-02-20
Updated
2018-03-19
Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts.
Max CVSS
9.8
EPSS Score
0.74%
Published
2018-02-20
Updated
2018-03-19
4 vulnerabilities found