Lucene search
K

113 matches found

NVD
NVD
added 2021/09/09 12:15 p.m.18 views

CVE-2021-40223

Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...

5.4CVSS0.00624EPSS
Exploits1References1
OSV
OSV
added 2021/09/09 12:15 p.m.3 views

CVE-2021-40223

Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...

5.4CVSS5.8AI score0.00624EPSS
Exploits1References1
OSV
OSV
added 2021/09/09 12:15 p.m.3 views

CVE-2021-40222

Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...

7.2CVSS6.3AI score0.04693EPSS
Exploits1References1
NVD
NVD
added 2021/09/09 12:15 p.m.19 views

CVE-2021-40222

Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...

9CVSS0.04693EPSS
Exploits1References1
Prion
Prion
added 2021/09/09 12:15 p.m.22 views

Remote code execution

Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...

9CVSS7.4AI score0.04693EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/09 12:15 p.m.15 views

Design/Logic Flaw

Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...

3.5CVSS5.2AI score0.00624EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/09 11:4 a.m.49 views

CVE-2021-40223

CVE-2021-40223 affects Rittal CMC PU III Web management (version V3.11.00_2). The root cause is failure to sanitize user input in multiple configuration dialogs (User Configuration, Task Configuration, and Set Logging Filter). This enables cross-site scripting (XSS) by injecting HTML/JavaScript c...

5.4CVSS5.2AI score0.00624EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/09 11:4 a.m.21 views

CVE-2021-40223

Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...

5.4AI score0.00624EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/09/09 11:4 a.m.21 views

CVE-2021-40222

Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...

7.6AI score0.04693EPSS
Exploits1References1
CVE
CVE
added 2021/09/09 11:4 a.m.66 views

CVE-2021-40222

CVE-2021-40222 affects Rittal CMC PU III Web management. The vulnerability arises from failure to sanitize user input on the Network TCP/IP configuration page (PU-Hostname field), enabling remote command execution with root privileges via a crafted configuration payload. Affected version: V3.11.0...

9CVSS7.3AI score0.04693EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.6 views

Rittal CMC PU III 跨站脚本漏洞

Rittal CMC PU III is a monitoring system from Rittal, Germany. A security vulnerability exists in the Rittal CMC PU III Web management version V3.11.002, which originates from a failure of the web application to clean up user input on multiple parameters of the configuration User Configuration...

5.4CVSS5.8AI score0.00624EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.6 views

Rittal CMC PU III 操作系统命令注入漏洞

Rittal CMC PU III is a monitoring system from Rittal, Germany. A security vulnerability exists in the Rittal CMC PU III Web management version V3.11.002, which originates from the inability of the web application to clean up user input on the network TCP/IP configuration page. The vulnerability c...

9CVSS7.2AI score0.04693EPSS
Exploits1References2
NVD
NVD
added 2020/10/01 5:15 p.m.21 views

CVE-2019-19393

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...

6.1CVSS0.00846EPSS
Exploits0References2
OSV
OSV
added 2020/10/01 5:15 p.m.4 views

CVE-2019-19393

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...

6.1CVSS6.4AI score0.00846EPSS
Exploits0References2
Prion
Prion
added 2020/10/01 5:15 p.m.14 views

Design/Logic Flaw

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...

4.3CVSS6AI score0.00846EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/01 4:55 p.m.29 views

CVE-2019-19393

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...

6.1AI score0.00846EPSS
Exploits0References2
CVE
CVE
added 2020/10/01 4:55 p.m.56 views

CVE-2019-19393

The CVE-2019-19393 affects Rittal CMC PU III devices (7010/7030 series) with versions V3.00 to V3.15.70_4, where the Web application does not sanitize input on the system configurations page, enabling persistent XSS. This allows an attacker to backdoor the device by injecting HTML/browser-side sc...

6.1CVSS5.9AI score0.00846EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/08/05 12:0 a.m.2 views

Rittal Command Injection (CVE-2020-11953)

A command injection vulnerability exists in Rittal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.8AI score0.0247EPSS
Exploits3
Check Point Advisories
Check Point Advisories
added 2020/08/03 12:0 a.m.4 views

Rittal PDU Command Injection (CVE-2020-11956)

A command injection vulnerability exists in Rittal PDU. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands on the affected system...

10CVSS7.8AI score0.01621EPSS
Exploits3
NVD
NVD
added 2020/07/14 2:15 p.m.22 views

CVE-2020-11956

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a least privilege violation...

10CVSS0.01621EPSS
Exploits3References1
Rows per page
Query Builder