[Suggested description]
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25.
Authentication to the device is based on a username and password. The
root credentials are the same across all devices of this model.

------------------------------------------

[Vulnerability Type]
Incorrect Access Control

------------------------------------------

[Vendor of Product]
Luvion

------------------------------------------

[Affected Product Code Base]
Luvion Grand Elite 3 Connect - Could not be determined

------------------------------------------

[Affected Component]
Underlying linux system.

------------------------------------------

[Attack Type]
Remote

------------------------------------------

[Impact Code execution]
true

------------------------------------------

[Attack Vectors]
Any attacker with network access can exploit this vulnerability.

------------------------------------------

[Discoverer]
Willem Westerhof, Jasper Nota, Jim Blankendaal, Martijn Baalman from Qbit in assignment of Consumentenbond.

------------------------------------------

[Reference]
N/A
Use CVE-2020-11925.