Lucene search
K

34 matches found

NVD
NVD
added 2019/02/12 6:29 p.m.17 views

CVE-2019-6549

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 through FTP...

7.2CVSS7.5AI score0.00592EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/12 6:0 p.m.14 views

CVE-2019-6549

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 through FTP...

6.9AI score0.00592EPSS
Exploits0References1
CVE
CVE
added 2019/02/12 6:0 p.m.43 views

CVE-2019-6549

CVE-2019-6549 concerns the PR100088 Modbus gateway where plain-text credentials are stored in an XML file and can be retrieved via FTP on all versions prior to Release R02 (or Software Version 1.1.13166). The issue is categorized under Information Exposure Through Get/Internal File Storage, enabl...

7.2CVSS6.8AI score0.00592EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/02/12 5:29 p.m.16 views

Authentication flaw

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166...

6.4CVSS9.1AI score0.01226EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/02/12 5:29 p.m.2 views

CVE-2019-6527

PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted...

9.8CVSS7.2AI score0.01214EPSS
Exploits0References1
CVE
CVE
added 2019/02/12 5:0 p.m.45 views

CVE-2019-6527

CVE-2019-6527 affects Kunbus PR100088 Modbus gateway: versions prior to Release R02 (or Software Version 1.1.13166) are vulnerable to an improper authentication flaw that may allow an attacker to change an admin password for a user who is currently or previously logged in, provided the device has...

9.8CVSS9.3AI score0.01214EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/02/12 5:0 p.m.22 views

CVE-2019-6527

PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted...

9.5AI score0.01214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/02/12 12:0 a.m.4 views

PT-2019-18145 · Pr Electronics · Pr100088 Modbus Gateway

Name of the Vulnerable Software and Affected Versions: PR100088 Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 Description: The issue allows registers used to store Modbus values to be read and written from the web interface without authentication. Recommendations: For...

9.1CVSS9AI score0.01226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/02/12 12:0 a.m.3 views

PT-2019-18140 · Unknown · Modbus Gateway

Name of the Vulnerable Software and Affected Versions: Modbus gateway versions prior to Release R02 or Software Version 1.1.13166 Description: The issue allows an attacker to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted...

9.8CVSS9.5AI score0.01214EPSS
Exploits0References2
ICS
ICS
added 2019/02/05 12:0 a.m.127 views

Kunbus PR100088 Modbus Gateway (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Kunbus Equipment: PR100088 Modbus gateway Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request, Missing Authentication for Critical Function, Imprope...

9.8CVSS8.1AI score0.01226EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/06/02 12:0 a.m.15 views

Advantech MESR901 Detection

Detection of Advantech MESR901 Industrial Modbus Copper Ethernet to Serial Gateway. The script sends a connection request to the server and attempts to detect Advantech MESR901 Modbus Gateway devices and to extract its firmware version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text...

7AI score
Exploits0References1
CNVD
CNVD
added 2017/05/03 12:0 a.m.3 views

Advantech B + B SmartWorx MESR901 Authentication Bypass Vulnerability

Advantech B + B SmartWorx MESR901 is a Modbus gateway. An authentication bypass vulnerability exists in Advantech B + B SmartWorx MESR901. An attacker can exploit the vulnerability to carry out authentication mechanisms and perform unauthorized operations, leading to further attacks...

9.8CVSS7.1AI score0.02616EPSS
Exploits0References1
ICS
ICS
added 2017/05/02 12:0 a.m.38 views

Advantech B+B SmartWorx MESR901

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech B+B SmartWorx Equipment: MESR901 Vulnerability: Use of Client-Side Authentication AFFECTED PRODUCTS The following versions of MESR901, a Modbus gateway, are affected: MESR901 firmware versions 1.5.2 and prio...

9.8CVSS10AI score0.02616EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2015/12/02 12:29 p.m.11 views

Advantech EKI Vulnerable to Shellshock, Heartbleed

Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments to IP networks. Most recently, independent security researcher Neil Smith found hard-coded...

8.2AI score
Exploits0References9
Rows per page
Query Builder