21 matches found
EUVD-2024-16816
Malicious code in bioql PyPI...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2024-1039
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
Design/Logic Flaw
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
Hardcoded credentials
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1040 Use of a Broken or Risky Cryptographic Algorithm in Gessler GmbH WEB-MASTER
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2024-1040 Use of a Broken or Risky Cryptographic Algorithm in Gessler GmbH WEB-MASTER
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2024-1040
CVE-2024-1040 affects Gessler GmbH WEB-MASTER, specifically version 7.9, where user passwords are stored using a weak hashing algorithm. The weakness allows an attacker to restore passwords by breaking the stored hashes (confirmed by multiple sources in connected documents). This vulnerability ha...
CVE-2024-1039 Use of Hard-coded Credentials in Gessler GmbH WEB-MASTER
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039 Use of Hard-coded Credentials in Gessler GmbH WEB-MASTER
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039
CVE-2024-1039 – Gessler GmbH WEB-MASTER is a vulnerability in the WEB-MASTER emergency lighting management system (affected version: 7.9) caused by a restoration account that uses weak, hard-coded credentials. An attacker could remotely take control of the device’s web management (CVSS v3.1 base ...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER ICSA-24-032-03 AVEVA Edge products formerly known as...
Gessler GmbH WEB-MASTER
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable Remotely/Low attack complexity Vendor : Gessler GmbH Equipment : WEB-MASTER Vulnerabilities : Use of Weak Credentials, Use of Weak Hash 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a user to take...
PT-2024-16239 · Gessler Gmbh · Web-Master
Name of the Vulnerable Software and Affected Versions: Gessler GmbH WEB-MASTER affected versions not specified Description: The issue concerns a restoration account in Gessler GmbH WEB-MASTER that utilizes weak, hard-coded credentials. If exploited, this could grant an attacker control over the...
Gessler GmbH WEB-MASTER Authorization Issue Vulnerability
Gessler GmbH WEB-MASTER is an emergency lighting management system from Gessler GmbH, Germany. A security vulnerability exists in Gessler GmbH WEB-MASTER version 7.9, which stems from the use of weakly hard-coded credentials to recover accounts, and which could be exploited by an attacker to take...
Gessler GmbH WEB-MASTER Encryption Problem Vulnerability
Gessler GmbH WEB-MASTER is an emergency lighting management system from Gessler GmbH, Germany. A security vulnerability exists in Gessler GmbH WEB-MASTER version 7.9, which stems from the use of a weak hash algorithm for storing user accounts, and allows an attacker to recover passwords by...
PT-2024-16246 · Gessler Gmbh · Web-Master
Name of the Vulnerable Software and Affected Versions: Gessler GmbH WEB-MASTER affected versions not specified Description: The issue concerns the use of a weak hashing algorithm for storing user account passwords. An attacker can potentially restore passwords by breaking the hashes stored on the...