Lucene search
K

85 matches found

Vulnrichment
Vulnrichment
added 2026/04/24 12:6 a.m.4 views

CVE-2026-25775 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded...

9.8CVSS5.5AI score0.00405EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:6 a.m.15 views

CVE-2026-25775

CVE-2026-25775 concerns SenseLive X3050, where the remote management service allows firmware retrieval and updates without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, the integrity of uploaded images, ...

9.8CVSS5.8AI score0.00405EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:4 a.m.17 views

CVE-2026-35064

CVE-2026-35064 concerns SenseLive X3050’s management ecosystem. The vulnerability allows unauthenticated discovery of deployed units via the vendor’s management protocol, enabling an attacker on the same network segment to identify device presence, identifiers, and management interfaces because d...

8.7CVSS5.8AI score0.00462EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/24 12:4 a.m.5 views

EUVD-2026-25358

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS5.8AI score0.00462EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:4 a.m.3 views

CVE-2026-35064

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS5.8AI score0.00462EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/24 12:4 a.m.3 views

CVE-2026-35064 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS5.2AI score0.00462EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 12:4 a.m.29 views

CVE-2026-35064 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS0.00462EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:2 a.m.3 views

CVE-2026-40620

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

9.8CVSS5.8AI score0.00546EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/24 12:2 a.m.4 views

EUVD-2026-25362

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

9.8CVSS5.8AI score0.00546EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 12:2 a.m.29 views

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

9.8CVSS0.00546EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/24 12:2 a.m.3 views

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

9.8CVSS5.4AI score0.00546EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:2 a.m.16 views

CVE-2026-40620

SenseLive X3050 is affected by a network‑accessible vulnerability in its embedded management service that permits full administrative control without authentication or authorization. The issue enables any reachable host using a vendor or compatible client to modify critical configuration paramete...

9.8CVSS5.8AI score0.00546EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/24 12:0 a.m.32 views

CVE-2026-27841 SenseLive X3050 Cross-Site request forgery

A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery CSRF protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious extern...

8.4CVSS0.00162EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:0 a.m.12 views

CVE-2026-27841

SenseLive X3050 is affected by a CSRF vulnerability in its web management interface. The issue allows state-changing requests to be triggered without proper server-side origin validation or CSRF tokens, enabling a malicious external page to submit unauthorized configuration changes to the device....

8.4CVSS5.7AI score0.00162EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/24 12:0 a.m.5 views

CVE-2026-27841 SenseLive X3050 Cross-Site request forgery

A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery CSRF protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious extern...

8.4CVSS5.2AI score0.00162EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 12:0 a.m.6 views

EUVD-2026-25352

A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery CSRF protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious extern...

8.4CVSS5.7AI score0.00162EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:0 a.m.5 views

CVE-2026-27841

A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery CSRF protections. Because the application does not enforce server-side validation of request origin or implement CSRF tokens, a malicious extern...

8.4CVSS5.7AI score0.00162EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.9 views

SenseLive X3050 安全漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a security vulnerability, which stems from the unreliable application of password updates. This vulnerability may cause the system to continue...

9.3CVSS5.8AI score0.0038EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

SenseLive X3050 信任管理问题漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a trust management vulnerability. This vulnerability stems from the fact that the authentication logic in the web management interface is...

9.8CVSS5.8AI score0.00548EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

SenseLive X3050 安全漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a security vulnerability, which stems from improper execution of access control mechanisms. This could allow attackers with network access righ...

9.8CVSS5.9AI score0.00712EPSS
Exploits0References1
Rows per page
Query Builder