3642 matches found
CVE-2023-39171
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
Command injection
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171 SENEC Storage Box V1,V2 and V3 accidentially expose a management interface
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171
CVE-2023-39171 affects SENEC Storage Box V1, V2 and V3, where the management UI is exposed publicly with known admin credentials. The common description across sources confirms an unauthorized admin access risk due to credentials exposure, enabling administration UI access. The CVSS v3.1 base sco...
CVE-2023-39167
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39167
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
Code injection
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39169 SENEC: Storage Box V1,V2 and V3 using default credentials
The affected devices use publicly available default credentials with administrative privileges...
CVE-2023-39167 SENEC: Storage Box V1,V2 and V3 affected by improper access control vulnerability
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39172 SENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencrypted
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic...
PT-2023-26827 · Senec +1 · Storage Box V1 +3
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows a remote unauthenticated attacker to capture and modify network traffic because sensitive information is transmitted unencrypted. Recommendations: At the moment, there is ...
PT-2023-26823 · Senec +1 · Storage Box V1 +3
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns devices that use publicly available default credentials with administrative privileges. This allows unauthorized access with elevated...
PT-2023-26821 · Senec · Senec Storage Box
Name of the Vulnerable Software and Affected Versions: SENEC Storage Box versions V1, V2, and V3 Description: An unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. Recommendations: For versions V1, V2, and V3, restrict access to the logfiles to prevent...
EnBw SENEC Legacy Storage Box Security Vulnerability
The EnBw SENEC Legacy Storage Box is a series of storage boxes from the German company EnBw. A security vulnerability exists in EnBw SENEC Legacy Storage Box versions V1, V2, and V3, which stems from an administrator credentials disclosure, and can be exploited by an attacker to gain access to th...
CVE-2023-48952
An issue in the boxdeserializereusing function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...
CVE-2023-47304
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
CVE-2023-47304
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
Authentication flaw
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
Vonage Box Telephone Adapter VDV23 Security Vulnerability
Vonage Box Telephone Adapter VDV23 is a telephone adapter from Vonage USA. A security vulnerability exists in the Vonage Box Telephone Adapter VDV23, version VDV21-3.2.11-0.5.1, which originated from a vulnerability that allows a local attacker to bypass UART authentication and read or write...