110 matches found
EUVD-2022-50648
Malicious code in bioql PyPI...
CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8878
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
📄 Netman 204 Authentication Bypass / Remote Code Execution
Netman 204 allows for remote command execution without authentication. Exploit Title: Netman 204 - Remote command with out authentication Date: 2/4/2025 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: netman-204 https://www.riello-ups.com/downloads/25-netman-204 Version: netman-204 Teste...
Netman 204 - Remote command without authentication
Exploit Title: Netman 204 - Remote command with out authentication Date: 2/4/2025 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: netman-204 https://www.riello-ups.com/downloads/25-netman-204 Version: netman-204 Tested on: Windows/Linux Step 1 : Attacker can using these dorks then can fi...
VulnCheck KEV: CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8878
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8878
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
RIELLO UPS NetMan SQL注入漏洞
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A security vulnerability exists in RIELLO UPS NetMan version 204 4.05, which stems from a forgotten password recovery mechanism that allows an attacker to reset the administrator password and take over control of the device...
RIELLO UPS NetMan SQL注入漏洞
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A security vulnerability exists in RIELLO UPS NetMan version 204 4.05, which originates from improper neutralization in the presence of a particular element, resulting in a SQL injection vulnerability...
CVE-2024-8877 SQL Injection
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8877
Riello Netman 204 contains a SQL injection in three CGI endpoints: /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi. The Nuclei template details unauthenticated SQLi that lets an attacker modify collected log data. The CVE description confirms the issue is li...
CVE-2024-8877 SQL Injection
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8878
CVE-2024-8878 concerns Riello NetMan 204. The vulnerability allows an unauthenticated password reset via the endpoint /recoverpassword.html, enabling an attacker to obtain the device’s netmanid and compute a recovery code to reset the admin password (admin:admin). Affected software is NetMan 204 ...
CVE-2024-8878 Unauthenticated Password Reset
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
Netman 204 4.05 SQL Injection / Unauthenticated Password Reset
CyberDanube Security Research 20240919-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Netman 204 vulnerable version| 4.05 fixed version| - CVE number| CVE-2024-8877, CVE-2024-8878 impact| High homepage|...
Netman 204 4.05 SQL Injection / Unauthenticated Password Reset Vulnerabilities
------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Netman 204 vulnerable version| 4.05 fixed version| - CVE number| CVE-2024-8877, CVE-2024-8878 impact| High homepage| https://www.riello-ups.com/ found| 2024-05-17 by| D...
PT-2024-39296 · Riello · Riello Netman 204
Name of the Vulnerable Software and Affected Versions: Riello Netman 204 versions through 4.05 Description: The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device. Recommendations: For...