16 matches found
PT-2025-48770
Name of the Vulnerable Software and Affected Versions Iskra iHUB and iHUB Lite affected versions not specified Description The Iskra iHUB and iHUB Lite smart metering gateway’s web management interface is accessible without authentication. This allows unauthenticated users to access and modify...
Elvaco M-Bus Metering Gateway CMe3100 Access Control Error Vulnerability
Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. An access control error vulnerability exists in the Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which can be exploited by an attacker to use commands without providing a password, resultin...
Elvaco M-Bus Metering Gateway CMe3100 Cross-Site Scripting Vulnerability
Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A cross-site scripting vulnerability exists in Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which can be exploited by an attacker to bypass authentication and take over the administrator...
Unspecified Vulnerability in Elvaco M-Bus Metering Gateway CMe3100
Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A security vulnerability in Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which stems from insufficient credential protection, can be exploited by an attacker to impersonate Elvaco and send ...
CVE-2024-49399 Missing Authentication for Critical Function in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information...
CVE-2024-49399 Missing Authentication for Critical Function in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information...
CVE-2024-49398 Unrestricted Upload of File with Dangerous Type in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code...
CVE-2024-49398
The CVE-2024-49398 entry concerns Elvaco M-Bus Metering Gateway CMe3100, affected in version 1.12.1. It describes an Unrestricted Upload of File with a Dangerous Type (CWE-434) vulnerability that may allow remote code execution. Contained documents indicate the issue enables remote execution with...
CVE-2024-49397 Cross-site Scripting in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts...
CVE-2024-49397 Cross-site Scripting in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts...
CVE-2024-49397
Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1) is affected by CVE-2024-49397, a cross-site scripting (CWE-79) vulnerability in the web interface that can bypass authentication and potentially takeover the administrator account. The issue is documented in multiple sources (e.g., Red Hat, C...
CVE-2024-49396 Insufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...
CVE-2024-49396 Insufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100
The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...
Elvaco M-Bus Metering Gateway CMe3100 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Elvaco Equipment : M-Bus Metering Gateway CMe3100 Vulnerabilities : Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Improper Neutralization of...
PT-2024-33509 · Elvaco · M-Bus Metering Gateway Cme3100 +1
Name of the Vulnerable Software and Affected Versions: The affected product affected versions not specified Description: The issue allows an attacker to use commands without providing a password, potentially leading to information leakage. Recommendations: At the moment, there is no information...
Elvaco M-Bus Metering Gateway CMe3100 访问控制错误漏洞
Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. An access control error vulnerability exists in the Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which can be exploited by an attacker to use commands without providing a password, resultin...