113 matches found
PT-2024-33307 · Unknown · Ventilator
Name of the Vulnerable Software and Affected Versions: Ventilator affected versions not specified Description: The ventilator's serial interface has its debug port enabled by default, allowing an attacker to send and receive unencrypted messages. This could result in unauthorized disclosure of...
Ubiquiti AirMax 安全漏洞
Ubiquiti airMAX is a type of outdoor radio from Ubiquiti USA. A security vulnerability exists in Ubiquiti AirMax. An attacker exploited the vulnerability to obtain a privileged command shell via the UART debug port...
GNCC GC2 安全漏洞
The GNCC GC2 is an indoor security camera from GNCC. A security vulnerability exists in GNCC GC2. An attacker exploited the vulnerability to obtain a privileged command shell via the UART debug port...
GNCC GC2 安全漏洞
The GNCC GC2 is an indoor security camera from GNCC. A security vulnerability exists in the GNCC GC2 that stems from the ability to read WiFi passwords via the UART debug port...
RICOH Multiple Products Debug Port Available (CVE-2019-14302)
On Ricoh SP C250DN 1.06 devices, a debug port can be used. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid501992; scriptversion"1.2";...
Siemens SICAM A8000 Use of Hard-Coded Credentials (CVE-2021-45033)
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses hard-cod...
CVE-2022-43977
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. The debug port accessible via TCP a qconn service lacks access control...
Improper access control
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. The debug port accessible via TCP a qconn service lacks access control...
CVE-2022-43977
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. The debug port accessible via TCP a qconn service lacks access control...
PT-2023-14419 · Ge Grid Solutions · Ge Grid Solutions Ms3000
Name of the Vulnerable Software and Affected Versions: GE Grid Solutions MS3000 versions prior to 3.7.6.25p0 3.2.2.17p0 4.7p0 Description: An issue was discovered where the debug port accessible via TCP, utilizing a qconn service, lacks access control. This issue affects GE Grid Solutions MS3000...
CVE-2022-43977
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. The debug port accessible via TCP a qconn service lacks access control...
CVE-2022-43977
GE Grid Solutions MS3000 devices are affected (versions before 3.7.6.25p0_3.2.2.17p0_4.7p0). The issue is an access-control flaw in the qconn TCP debug port, allowing unauthenticated network access to the debug interface. The root cause is lack of access control on the debug port, per multiple so...
Zoom Client 安全漏洞
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom Client for Meetings version 5.10.6 through versions prior to 5.12.0, which stems from an incorrectly configured debug port...
GHSA-WQ4C-WM6X-JW44 Withdrawn Advisory: Node.js Inspector RCE via DNS Rebinding
Withdrawn Advisory This advisory has been withdrawn because this vulnerability affects inspector code in https://github.com/nodejs/node, not the legacy debugger at https://github.com/node-inspector/node-inspector. https://github.com/nodejs/node is not in a supported ecosystem. Original Descriptio...
PT-2022-2314 · Cisco · Cisco Rcm For Cisco Staros
Name of the Vulnerable Software and Affected Versions: Cisco RCM for Cisco StarOS Software affected versions not specified Description: A vulnerability in the debug function of Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions, potentiall...
Siemens SICAM A8000 Hardcoded Voucher Vulnerability
The SICAM A8000 is used for automation applications in all areas of remote control and energy supply. A hard-coded credentials vulnerability exists in the Siemens SICAM A8000, which can be exploited by an attacker to enable the debug port using default credentials...
CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
Hardcoded credentials
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...