59 matches found
Authentication flaw
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...
CVE-2023-27388
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/72W all firmware...
PT-2023-19027 · T&D +1 · Tr-71W/72W +7
Name of the Vulnerable Software and Affected Versions: T&D Corporation data logger products versions TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions ESPEC MIC CORP. data logger products versio...
CVE-2023-27388
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/72W all firmware...
PT-2023-21090 · T&D +1 · Tr-71W/72W +7
Name of the Vulnerable Software and Affected Versions: T&D Corporation data logger products versions TR-71W/72W all firmware versions T&D Corporation data logger products versions RTR-5W all firmware versions T&D Corporation data logger products versions WDR-7 all firmware versions T&D Corporatio...
CVE-2023-23545
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...
CVE-2023-27388
CVE-2023-27388 covers an improper authentication flaw in T&D Corporation and ESPEC MIC CORP. data logger products. Affected models include T&D TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2 and ESPEC MIC RT-12N/RS-12N, RT-22BN, TEU-12N all firmware versions. The vulnerability allows a remote unauthentica...
CVE-2023-22654
CVE-2023-22654 affects T&D Corporation and ESPEC MIC CORP. data loggers: TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2; RT-12N/RS-12N, RT-22BN, TEU-12N. Issue: client-side enforcement of server-side security may allow arbitrary script execution in a logged-in user’s browser. Impact details are limited t...
CVE-2023-22654
Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products TR-71W/7...
CVE-2023-27387
Cross-site request forgery CSRF in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger...
CVE-2023-27387
The CVE-2023-27387 entry describes a Cross-site Request Forgery (CSRF) vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products. A remote attacker can cause arbitrary operations by luring a logged-in user to view a malicious page. Affected products include T&D TR-71W/72W, RTR-5W,...
CVE-2023-23545
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...
CVE-2023-23545
CVE-2023-23545 affects T&D Corporation and ESPEC MIC CORP. data logger products: TR-71W/72W, RTR-5W, WDR-7, WDR-3, WS-2 (T&D) and RT-12N/RS-12N, RT-22BN, TEU-12N (ESPEC MIC). Description confirms Missing authentication for a critical function, enabling remote unauthenticated attackers to alter pr...
Multiple vulnerabilities in T&D and ESPEC MIC data logger products
Overview Multiple data logger products provided by T Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Improper authentication CWE-287 - CVE-2023-27388 Missing authentication for critical functio...
JVN#14778242: Multiple vulnerabilities in T&D and ESPEC MIC data logger products
Multiple data logger products provided by T&D Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N| Base...
Solar-Log GmbH has an unspecified vulnerability
Solar-Log GmbH is a data logger for monitoring PV plants from Solar-Log Germany. version 2.8.4-56 and 3.5.2-85 of Solar-Log GmbH contains a security vulnerability that can be exploited by attackers to cause privilege escalation...
Solar-Log GmbH 代码问题漏洞
Solar-Log GmbH is a data logger for monitoring photovoltaic PV power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from a faulty file upload in the component. An attacker could exploit the vulnerability to...
Solar-Log GmbH 安全漏洞
Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from the German company Solar-Log. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85 that stems from a faulty component network configuration. An attacker could exploit the vulnerability to...
Solar-Log GmbH 安全漏洞
Solar-Log GmbH is a data logger for monitoring photovoltaic power plants from Solar-Log GmbH, Germany. A security vulnerability exists in Solar-Log GmbH versions 2.8.4-56 and 3.5.2-85, which stems from an unknown function of the component configuration handler. An attacker could exploit the...
Solar-Log GmbH 安全漏洞
Solar-Log GmbH is a data logger for monitoring PV plants from Solar-Log Germany. version 2.8.4-56 and 3.5.2-85 of Solar-Log GmbH contains a security vulnerability that can be exploited by attackers to cause privilege escalation...