110 matches found
Cross site request forgery (csrf)
There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due to the lack of proper validation on the CSRF token. This vulnerability could allow a remote attacker to access the administrator panel,...
CVE-2022-3372 Cross-Site Request Forgery (CSRF) in Riello UPS Netman-204
There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due to the lack of proper validation on the CSRF token. This vulnerability could allow a remote attacker to access the administrator panel,...
CVE-2022-3372 Cross-Site Request Forgery (CSRF) in Riello UPS Netman-204
There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due to the lack of proper validation on the CSRF token. This vulnerability could allow a remote attacker to access the administrator panel,...
CVE-2022-3372
CVE-2022-3372 describes a CSRF vulnerability in Riello UPS NetMan-204 (version 02.05). The issue arises from lack of proper validation on CSRF tokens, enabling an attacker to change administrator passwords and potentially modify other critical admin parameters via forged requests, potentially gra...
RIELLO UPS NetMan 204 Cross-Site Request Forgery Vulnerability
Riello Ups RIELLO UPS NetMan is a network adapter from the Italian company Riello Ups. A security vulnerability exists in RIELLO UPS NetMan version 204 02.05, which stems from the lack of proper validation of CSRF tokens and a CSRF vulnerability that allows an attacker to try to change the...
Riello UPS / NetMan Detection Consolidation
Consolidation of Riello NetMan network card and the underlying uninterruptible power supply (UPS) device detections. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
Thunderstorm - Modular Framework To Exploit UPS Devices
Thunderstorm is a modular framework to exploit UPS devices. For now, only the CS-141 and NetMan 204 exploits will be available. The beta version of the framework will be released in the future. CVE Thunderstorm is currently capable of exploiting the following CVE: CVE-2022-47186 – Unrestricted fi...
RIELLO UPS NetMan Code Issue Vulnerability
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A code issue vulnerability exists in RIELLO UPS NetMan. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the manufacturer's bulletin...
RIELLO UPS NetMan Trust Management Issue Vulnerability
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. RIELLO UPS NetMan is vulnerable to a trust management issue. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...
RIELLO UPS NetMan Security Vulnerability
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A security vulnerability exists in RIELLO UPS NetMan. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the manufacturer's bulletin...
CVE-2017-6900
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to...
CVE-2017-6900
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to...
Command injection
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to...
CVE-2017-6900
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to...
CVE-2017-6900
Summary (CVE-2017-6900) Riello NetMan 204 (14-2 and 15-2) is affected by a login/authentication flaw in the login script and wrongpass Python script. The issue arises because VAL0/VAL1 passed to wrongpass are not quoted, enabling potential Bash command injection, and these values should be saniti...
Netman 204 Backdoor / Password Reset
Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link: http://www.riello-ups.co.uk/uploads/file/319/1319/FW058-0105FWB0225NetMan204.zip Versio...
Netman 204 - Backdoor Account Password Reset
Netman 204 - Backdoor Account Password Reset Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link:...
Netman 204 - Backdoor Account / Password Reset Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link:...
Netman 204 - Backdoor Account / Password Reset
Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link: http://www.riello-ups.co.uk/uploads/file/319/1319/FW058-0105FWB0225NetMan204.zip Versio...
NetMan 204 - Backdoor Account Vulnerability
Exploit for hardware platform in category remote exploits NetMan 204 - Backdoor Account Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NetMan 204 Vendor: http://www.riello-ups.com Product URL: http://www.riello-ups.com/products/4-software-connectivity/85-netman-204 Quick Referenc...