44 matches found
EUVD-2022-35442
Malicious code in bioql PyPI...
EUVD-2022-35438
Malicious code in bioql PyPI...
EUVD-2022-35444
Malicious code in bioql PyPI...
EUVD-2022-35439
Malicious code in bioql PyPI...
EUVD-2022-35440
Malicious code in bioql PyPI...
EUVD-2022-35441
Malicious code in bioql PyPI...
EUVD-2022-35443
Malicious code in bioql PyPI...
Schneider Electric Wiser Smart Improper Input Validation (CVE-2022-30233)
A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior This plugin only works with Tenable.ot...
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, arises from the use of rigidly encrypted account data. This allows a intruder to execute arbitrary codes.
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to execute arbitrary codes remotely...
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, related to authentication process errors, allows unauthorized access by attackers to protected information.
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, relates to authentication process errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected informatio...
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, related to insufficient validation of input data, allows attackers to exploit this to increase their privileges.
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to enhance their privileges through a...
CVE-2022-30237
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30236
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30234
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30233
A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30235
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30235
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30233
A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30236
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30237
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...