Lucene search
K

59 matches found

Prion
Prion
added 2023/05/23 2:15 a.m.15 views

Authentication flaw

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

5CVSS6.5AI score0.00835EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.25 views

CVE-2023-27388

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/72W all firmware...

9.8AI score0.01252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.6 views

PT-2023-19027 · T&D +1 · Tr-71W/72W +7

Name of the Vulnerable Software and Affected Versions: T&D Corporation data logger products versions TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions ESPEC MIC CORP. data logger products versio...

5.3CVSS7.2AI score0.00835EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2023/05/23 12:0 a.m.10 views

CVE-2023-27388

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/72W all firmware...

9.7AI score0.01252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.7 views

PT-2023-21090 · T&D +1 · Tr-71W/72W +7

Name of the Vulnerable Software and Affected Versions: T&D Corporation data logger products versions TR-71W/72W all firmware versions T&D Corporation data logger products versions RTR-5W all firmware versions T&D Corporation data logger products versions WDR-7 all firmware versions T&D Corporatio...

9.8CVSS7.4AI score0.01252EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/05/23 12:0 a.m.12 views

CVE-2023-23545

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

6.6AI score0.00835EPSS
Exploits0References3
CVE
CVE
added 2023/05/23 12:0 a.m.60 views

CVE-2023-27388

CVE-2023-27388 covers an improper authentication flaw in T&D Corporation and ESPEC MIC CORP. data logger products. Affected models include T&D TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2 and ESPEC MIC RT-12N/RS-12N, RT-22BN, TEU-12N all firmware versions. The vulnerability allows a remote unauthentica...

9.8CVSS9.4AI score0.01252EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/05/23 12:0 a.m.68 views

CVE-2023-22654

CVE-2023-22654 affects T&D Corporation and ESPEC MIC CORP. data loggers: TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2; RT-12N/RS-12N, RT-22BN, TEU-12N. Issue: client-side enforcement of server-side security may allow arbitrary script execution in a logged-in user’s browser. Impact details are limited t...

5.4CVSS5.7AI score0.00508EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.28 views

CVE-2023-22654

Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/7...

6.9AI score0.00508EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.23 views

CVE-2023-27387

Cross-site request forgery CSRF in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger...

9.4AI score0.00452EPSS
Exploits0References3
CVE
CVE
added 2023/05/23 12:0 a.m.55 views

CVE-2023-27387

The CVE-2023-27387 entry describes a Cross-site Request Forgery (CSRF) vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products. A remote attacker can cause arbitrary operations by luring a logged-in user to view a malicious page. Affected products include T&D TR-71W/72W, RTR-5W,...

8.8CVSS8.7AI score0.00452EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.21 views

CVE-2023-23545

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

6.8AI score0.00835EPSS
Exploits0References3
CVE
CVE
added 2023/05/23 12:0 a.m.49 views

CVE-2023-23545

CVE-2023-23545 affects T&D Corporation and ESPEC MIC CORP. data logger products: TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2 (T&D) and RT-12N/RS-12N, RT-22BN, TEU-12N (ESPEC MIC). Description confirms Missing authentication for a critical function, enabling remote unauthenticated attackers to alter pr...

5.3CVSS5.5AI score0.00835EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/19 6:21 a.m.5 views

Multiple vulnerabilities in T&D and ESPEC MIC data logger products

Overview Multiple data logger products provided by T Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Improper authentication CWE-287 - CVE-2023-27388 Missing authentication for critical functio...

9.8CVSS6.9AI score0.01252EPSS
Exploits0References14
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/19 12:0 a.m.46 views

JVN#14778242: Multiple vulnerabilities in T&D and ESPEC MIC data logger products

Multiple data logger products provided by T&D Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N| Base...

9.8CVSS7.1AI score0.01252EPSS
Exploits0
CNVD
CNVD
added 2022/06/10 12:0 a.m.23 views

Solar-Log GmbH has an unspecified vulnerability

Solar-Log GmbH is a data logger for monitoring PV plants from Solar-Log Germany. version 2.8.4-56 and 3.5.2-85 of Solar-Log GmbH contains a security vulnerability that can be exploited by attackers to cause privilege escalation...

9.8CVSS3.9AI score0.0102EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/09 12:0 a.m.4 views

Solar-Log GmbH 代码问题漏洞

Solar-Log GmbH is a data logger for monitoring photovoltaic PV power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from a faulty file upload in the component. An attacker could exploit the vulnerability to...

9.8CVSS8.4AI score0.00965EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/06/09 12:0 a.m.5 views

Solar-Log GmbH 安全漏洞

Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85 that stems from a faulty component network configuration. An attacker could exploit the vulnerability to...

9.8CVSS8.3AI score0.00807EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/09 12:0 a.m.6 views

Solar-Log GmbH 安全漏洞

Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from Solar-Log GmbH, Germany. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from an unknown function of the component configuration handler. An attacker could exploit the...

7.5CVSS7.2AI score0.00995EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/09 12:0 a.m.5 views

Solar-Log GmbH 安全漏洞

Solar-Log GmbH is a data logger for monitoring PV plants from Solar-Log Germany. version 2.8.4-56 and 3.5.2-85 of Solar-Log GmbH contains a security vulnerability that can be exploited by attackers to cause privilege escalation...

9.8CVSS5.6AI score0.0102EPSS
Exploits1References3
Rows per page
Query Builder