19 matches found
EUVD-2022-46417
Malicious code in bioql PyPI...
EUVD-2022-46415
Malicious code in bioql PyPI...
EUVD-2022-46416
Malicious code in bioql PyPI...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Design/Logic Flaw
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Authentication flaw
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
Cross site scripting
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43378
CVE-2022-43378 affects Schneider Electric NetBotz 4 (devices 355/450/455/550/570) up to version 4.7.0 and prior. The vulnerability is CWE-1021: improper restriction of rendered UI layers or frames, which could let an attacker trick a user into performing unintended actions when external address f...
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43377
CVE-2022-43377 affects Schneider Electric NetBotz 4 (versions ≤ 4.7.0). The root cause is CWE-307: improper restriction of excessive authentication attempts, enabling potential account takeover via brute force over the network. Affected: NetBotz 4 355/450/455/550/570 (V4.7.0 and prior). CVSSv3.1 ...
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43376
CVE-2022-43376 is a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric NetBotz NetBotz 4 series (versions 4.7.0 and prior; affected models include 355/450/455/550/570). The issue arises from improper neutralization of input during web page generation, enabling code and session mani...
PT-2022-5354 · Netbotz 4 · Netbotz 4
Name of the Vulnerable Software and Affected Versions: NetBotz 4 versions 4.7.0 and prior Description: The issue arises from inadequate protection of the web page structure, potentially allowing a remote attacker to execute arbitrary code. This is related to a Cross-site Scripting vulnerability,...
PT-2022-6688 · Netbotz 4 · Netbotz 4
Name of the Vulnerable Software and Affected Versions: NetBotz 4 versions 4.7.0 and prior Description: A vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. This issue is related to improper...