19 matches found
CVE-2021-22763
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could allow an attacker administrator level access to a device...
EUVD-2016-6753
Malware in sbrugna...
EUVD-2016-5500
Malware in sbrugna...
EUVD-2021-9898
Malicious code in bioql PyPI...
EUVD-2021-9899
Malicious code in bioql PyPI...
Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC Weak Password Recovery Mechanism For Forgotten Password (CVE-2021-22763)
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could allow an attacker administrator level access to a device. This plug...
CVE-2021-22764
A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially...
Design/Logic Flaw
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could allow an attacker administrator level access to a device...
CVE-2021-22763
The CVE-2021-22763 entry concerns Schneider Electric PowerLogic PM55xx, PM8ECC, EGX100, and EGX300 devices. A CWE-640 Weak Password Recovery Mechanism for Forgotten Password vulnerability could allow an attacker with administrator-level access to the device over the network. The issue is captured...
Schneider-electric PowerLogic 多款产品授权问题漏洞
PowerLogic EGX300 is a French Schneider-electric application server an integrated gateway server A security vulnerability exists in PowerLogic's PM55xx, PM8ECC, EGX100, and EGX300 that stems from a weak password recovery from forgotten passwords vulnerability in the PowerLogic PM55xx, PowerLogic...
CVE-2016-5818
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...
CVE-2016-5818
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...
Schneider Electric PowerLogic PM8ECC Security Bypass Vulnerability
The Schneider Electric PowerLogic PM8ECC is a communication module for use in 800 series meters from Schneider Electric, France. A security bypass vulnerability exists in Schneider Electric PowerLogic PM8ECC for PowerMeter 800 prior to version 2.651, which can be exploited by an attacker to bypas...
Schneider Electric PowerLogic PM8ECC Module Unauthorized Access Vulnerability
The Schneider Electric PowerLogic PM8ECC is a communication module for use in 800 series meters from Schneider Electric, France. An unauthorized access vulnerability exists in the Schneider Electric PowerLogic PM8ECC module that could be exploited by an attacker to gain full privileges to the web...
Schneider Electric PowerLogic PM8ECC XSS vulnerability
No description provided by source...
Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability
OVERVIEW Independent researcher He Congwen has identified a hard-coded password vulnerability in Schneider Electric’s PowerLogic PM8ECC device. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...
Schneider Electric PowerLogic PM8ECC 模块未授权访问漏洞
PowerLogic PM8ECC是800 PowerMeter系列设备的通讯模块。根据施耐德电气描述, PowerLogic PM8ECC部署于商业设施部门并已在全世界广泛使用。 漏洞描述: 1.访问/status.htm页面。在没登录的情况下发现“User”处有一字符串; 2.以该字符串作为用户名和密码即可登录该设备的Web管理界面和FTP(如有),虽然用户列表中无该用户。...
CVE-2016-4513
Cross-site scripting XSS vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...