CVE-2024-49399

CVE-2024-49399 affects Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1). The Red Hat/NVD/CISA-related entries describe a Missing Authentication for Critical Function: an attacker can issue commands without a password, potentially leaking information. Public documents identify the device as ...

CVE-2024-49398 Unrestricted Upload of File with Dangerous Type in Elvaco M-Bus Metering Gateway CMe3100

The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code...

CVE-2024-49397 Cross-site Scripting in Elvaco M-Bus Metering Gateway CMe3100

The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts...

CVE-2024-49397

Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1) is affected by CVE-2024-49397, a cross-site scripting (CWE-79) vulnerability in the web interface that can bypass authentication and potentially takeover the administrator account. The issue is documented in multiple sources (e.g., Red Hat, C...

CVE-2024-49396 Insufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100

The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...

CVE-2024-49396

CVE-2024-49396 affects Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1). The flaw is insufficiently protected credentials, enabling an attacker to impersonate Elvaco and send false information. Public documentation from CISA/ICSA notes remote exploitation with low attack complexity and prov...

Elvaco M-Bus Metering Gateway CMe3100 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Elvaco Equipment : M-Bus Metering Gateway CMe3100 Vulnerabilities : Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Improper Neutralization of...

Elvaco M-Bus Metering Gateway CMe3100 代码问题漏洞

Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A file upload vulnerability exists in the Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which can be exploited by an attacker to remotely execute code...

PT-2024-33509 · Elvaco · M-Bus Metering Gateway Cme3100 +1

Name of the Vulnerable Software and Affected Versions: The affected product affected versions not specified Description: The issue allows an attacker to use commands without providing a password, potentially leading to information leakage. Recommendations: At the moment, there is no information...

Elvaco M-Bus Metering Gateway CMe3100 跨站脚本漏洞

Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A cross-site scripting vulnerability exists in Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which can be exploited by an attacker to bypass authentication and take over the administrator...

Elvaco M-Bus Metering Gateway CMe3100 安全漏洞

Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A security vulnerability in Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which stems from insufficient credential protection, can be exploited by an attacker to impersonate Elvaco and send ...