65 matches found
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on July 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-194-01 Siemens RUGGEDCOM ROX ICSA-23-194-02 Siemens SiPass Integrated ICSA-23-194-03...
Rockwell Automation PowerMonitor 1000
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerMonitor 1000 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code...
Cross site scripting
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...
CVE-2023-2072 Rockwell Automation PowerMonitor 1000 Cross-Site Scripting Vulnerability
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...
CVE-2023-2072 Rockwell Automation PowerMonitor 1000 Cross-Site Scripting Vulnerability
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...
CVE-2023-2072
CVE-2023-2072 affects Rockwell Automation PowerMonitor 1000. Stored cross-site scripting in the product’s web pages allows code injection by an unauthenticated attacker to impact an authenticated user, potentially enabling remote code execution and compromising confidentiality, integrity, and ava...
Rockwell Automation Allen-Bradley PowerMonitor 1000 跨站脚本漏洞
Rockwell Automation PowerMonitor 1000 is a power monitoring device from Rockwell Automation. The Rockwell Automation PowerMonitor 1000 suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an...
Rockwell Automation Allen-Bradley PowerMonitor 1000 Authentication Bypass Using an Alternate Path or Channel (CVE-2018-19616)
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. This plugin only works with Tenable.ot. Please visit...
Rockwell Automation Allen-Bradley PowerMonitor 1000 Improper Neutralization of Input During Web Page Generation (CVE-2018-19615)
Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted user's web browser to gain access to the affected device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Rockwellautomation Powermonitor Exposure of Resource to Wrong Sphere
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. File data ot500247.nasl...
The vulnerability of the monitor for distributing electrical loads in Rockwell Automation’s Allen-Bradley PowerMonitor 1000, related to deficiencies in the verification of data entered by users, allows a intruder to gain access to the device.
The vulnerability of the Rockwell Automation Allen-Bradley PowerMonitor 1000 in terms of electrical load distribution is related to deficiencies in data validation by users. Exploiting this vulnerability allows a malicious actor to execute XSS attacks and gain access to the device...
Rockwell Automation PowerMonitor 5000 1426-M6E-A PowerMonitor 5000 Series
Binary data 754708.prm...
Rockwell Automation PowerMonitor 5000 1426-M6E-CNT-A PowerMonitor 5000 Series
Binary data 754709.prm...
Rockwell Automation PowerMonitor 5000 1426-M8E-CNT-A PowerMonitor 5000 Series
Binary data 754712.prm...
Rockwell Automation PowerMonitor 5000 1426-M8E-A PowerMonitor 5000 Series
Binary data 754711.prm...
Rockwell Automation PowerMonitor 5000 1426-M5E-A PowerMonitor 5000 Series
Binary data 754705.prm...
Rockwell Automation PowerMonitor 5000 1426-M5E-CNT-A PowerMonitor 5000 Series
Binary data 754707.prm...
Rockwell Automation Powermonitor 3000 1404-M405A-DNT
Binary data 753800.prm...
Rockwell Automation PowerMonitor 5000 1426-M6E-DNT-A PowerMonitor 5000 Series
Binary data 754710.prm...
Rockwell Automation PowerMonitor 5000 1426-M8E-DNT-A PowerMonitor 5000 Series
Binary data 754713.prm...