Lucene search
K

8 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.164 views

Carlo Gavazzi Energy Meters Login Brute Force, Extract Info And Dump Plant Database

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database', 'Description' = % This module scans for Carlo Gavazzi...

7.5CVSS7.1AI score0.09317EPSS
Exploits2
CNVD
CNVD
added 2021/08/26 12:0 a.m.8 views

SQL Injection Vulnerability in Smart Meter Integrated Management System of Xintian Technology Corporation (CNVD-2021-70022)

Xintian Technology Co., Ltd. is a professional manufacturer and supplier of water meters, energy meters and gas meters. A SQL injection vulnerability exists in the Smart Meter Integrated Management System of Xintian Technology Corporation, which can be exploited by attackers to obtain sensitive...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/08/26 12:0 a.m.10 views

SQL Injection Vulnerability in Smart Meter Integrated Management System of Xintian Technology Corporation (CNVD-2021-70043)

Xintian Technology Co., Ltd. is a professional manufacturer and supplier of water meters, energy meters and gas meters. A SQL injection vulnerability exists in the Smart Meter Integrated Management System of Xintian Technology Corporation, which can be exploited by attackers to obtain sensitive...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/08/10 12:0 a.m.14 views

SQL Injection Vulnerability in Smart Meter Integrated Management System of Xintian Technology Co.

Xintian Technology Co., Ltd. is a professional manufacturer and supplier of water meters, energy meters and gas meters. A SQL injection vulnerability exists in the Smart Meter Integrated Management System of Xintian Technology Corporation, which can be exploited by attackers to obtain sensitive...

7.5AI score
Exploits0
OSV
OSV
added 2020/02/25 7:15 p.m.2 views

CVE-2020-8809

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attack...

8.1CVSS7.6AI score
Exploits0References2
Prion
Prion
added 2020/02/25 7:15 p.m.17 views

Code injection

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attack...

6.8CVSS8.3AI score0.02107EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/02/25 6:57 p.m.23 views

CVE-2020-8809

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attack...

8.2AI score0.01033EPSS
Exploits1References2
Metasploit
Metasploit
added 2017/02/11 5:48 a.m.51 views

Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database

This module scans for Carlo Gavazzi Energy Meters login portals, performs a login brute force attack, enumerates device firmware version, and attempt to extract the SMTP configuration. A valid, admin privileged user is required to extract the SMTP password. In some older firmware versions, the SM...

7.5CVSS7AI score0.09317EPSS
Exploits2
Rows per page
Query Builder