19 matches found
EUVD-2019-9014
Malware in sbrugna...
EUVD-2021-27407
Malware in sbrugna...
EUVD-2021-27406
Malware in sbrugna...
EUVD-2022-43907
Malicious code in bioql PyPI...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
Design/Logic Flaw
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks...
CVE-2022-40633 Rittal CMC III Improper Access Control
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks...
CVE-2022-40633
CVE-2022-40633 affects Rittal CMC III control cabinet locks. The root issue is Improper Access Control, enabling a malicious actor to clone access cards to open cabinets. Public sources describe the impact as unauthorized physical access to secured cabinets, with CVSSv3 base metrics (AV: Physical...
CVE-2021-40222
Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...
Design/Logic Flaw
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
CVE-2021-40223
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
CVE-2021-40222
Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...
Rittal CMC PU III 操作系统命令注入漏洞
Rittal CMC PU III is a monitoring system from Rittal, Germany. A security vulnerability exists in the Rittal CMC PU III Web management version V3.11.002, which originates from the inability of the web application to clean up user input on the network TCP/IP configuration page. The vulnerability c...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
Design/Logic Flaw
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
CVE-2019-19393
The CVE-2019-19393 affects Rittal CMC PU III devices (7010/7030 series) with versions V3.00 to V3.15.70_4, where the Web application does not sanitize input on the system configurations page, enabling persistent XSS. This allows an attacker to backdoor the device by injecting HTML/browser-side sc...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
Rittal CMC-TC Processing Unit II XSS / Command Execution
Louhi Networks Oy -= Security Advisory =- Advisory: Rittal CMC-TC Processing Unit II multiple vulnerabilities Release Date: 2009-03-23 Last Modified: 2009-03-22 Authors: Henri Lindberg, CISA henri d0t lindberg at louhi d0t fi Application: Rittal CMC-TC PU II Web management Devices: CMC-TC PU II D...