16 matches found
EUVD-2024-49451
Malicious code in bioql PyPI...
CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8878
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
CVE-2024-8878
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8877 SQL Injection
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8877 SQL Injection
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05...
CVE-2024-8877
Riello Netman 204 contains a SQL injection in three CGI endpoints: /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi. The Nuclei template details unauthenticated SQLi that lets an attacker modify collected log data. The CVE description confirms the issue is li...
CVE-2024-8878 Unauthenticated Password Reset
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...
CVE-2024-8878
CVE-2024-8878 concerns Riello NetMan 204. The vulnerability allows an unauthenticated password reset via the endpoint /recoverpassword.html, enabling an attacker to obtain the device’s netmanid and compute a recovery code to reset the admin password (admin:admin). Affected software is NetMan 204 ...
PT-2024-39296 · Riello · Riello Netman 204
Name of the Vulnerable Software and Affected Versions: Riello Netman 204 versions through 4.05 Description: The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device. Recommendations: For...
Riello UPS / NetMan Detection Consolidation
Consolidation of Riello NetMan network card and the underlying uninterruptible power supply UPS device detections. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2017-6900
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to...
Riello UPS / NetMan Detection (HTTP)
HTTP based detection of Riello NetMan network cards and the underlying uninterruptible power supply UPS device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Riello NetMan 204 Default Credentials (SSH)
The remote Riello NetMan 204 network card is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Riello NetMan Default Credentials (HTTP)
The remote Riello NetMan network card is using known default credentials for the HTTP login. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...