12 matches found
EUVD-2023-54675
Malicious code in bioql PyPI...
CVE-2024-5672 Red Lion Europe: mbNET.mini vulnerable to OS command injection
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command...
CVE-2024-5672 Red Lion Europe: mbNET.mini vulnerable to OS command injection
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command...
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he shoul...
CVE-2023-4834
Summary: CVE-2023-4834 affects Red Lion Europe mbCONNECT24, mymbCONNECT24, and Helmholz myREX24 / myREX24.virtual up to version 2.14.2. The root cause is an improperly implemented access validation, enabling an authenticated, low-privileged attacker to read limited, non-critical device informatio...
CVE-2023-34412
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code XSS...
Code injection
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code XSS...
CVE-2023-34412 Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code XSS...
CVE-2023-34412
CVE-2023-34412 affects Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200/250 devices with firmware