Secheron SEPCOS Control and Protection Relay Information Disclosure Vulnerability

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay is vulnerable to an...

The vulnerability of the loader for microprogramming software SEPCOS Single Package relay controllers and Secheron SEPCOS systems allows a hacker to load arbitrary files.

The vulnerability of the file loading handler in the microprogramming software SEPCOS Single Package Relays and Security Devices Secheron SEPCOS is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability allows a malicious actor to load any...

The vulnerability of the SEPCOS Single Package software for the Secheron SEPCOS control and protection relay allows a hacker to elevate their privileges to the level of a superuser.

The vulnerability of the SEPCOS Single Package control and protection relay software is related to weak password requirements. Exploiting this vulnerability could allow a malicious actor to elevate their privileges to superuser status through the open TCP port for SSH...

Unspecified vulnerability in Secheron SEPCOS Control and Protection Relay

The Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.A security vulnerability exists in the Secheron SEPCOS Control and...

Secheron SEPCOS Control and Protection Relay Elevation of Privilege Vulnerability

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.An elevation of privilege vulnerability exists in the Secheron SEPCOS...

Secheron SEPCOS Control and Protection Relay Code Issue Vulnerability

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.A code issue vulnerability exists in the Secheron SEPCOS Control and...

Secheron SEPCOS Control and Protection Relay Access Control Error Vulnerability

The Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay is vulnerable to a...

Unspecified vulnerability in Secheron SEPCOS Control and Protection Relay

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.A security vulnerability exists in the Secheron SEPCOS Control and...

Secheron SEPCOS Control and Protection Relay Weak Password Vulnerability

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay has a weak password...

CVE-2022-2102 Secheron SEPCOS Control and Protection Relay

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file...

CVE-2022-2102 Secheron SEPCOS Control and Protection Relay

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file...

CVE-2022-1668 Secheron SEPCOS Control and Protection Relay

Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP port for SSH...

CVE-2022-2104 Secheron SEPCOS Control and Protection Relay

The www-data Apache web server account is configured to run sudo with no password for many commands including /bin/sh and /bin/bash...

CVE-2022-2105 Secheron SEPCOS Control and Protection Relay

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters...

CVE-2022-2104 Secheron SEPCOS Control and Protection Relay

The www-data Apache web server account is configured to run sudo with no password for many commands including /bin/sh and /bin/bash...

CVE-2022-2105 Secheron SEPCOS Control and Protection Relay

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters...

CVE-2022-1667 Secheron SEPCOS Control and Protection Relay

Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC e.g., from the browser console or by loading the corresponding, browser accessible PHP script...

CVE-2022-1666 Secheron SEPCOS Control and Protection Relay

The default password for the web application’s root user the vendor’s private account was weak and the MD5 hash was used to crack the password using a widely available open-source tool...

CVE-2022-2103 Secheron SEPCOS Control and Protection Relay

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories...

CVE-2022-2103 Secheron SEPCOS Control and Protection Relay

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories...