140 matches found
CVE-2024-41790
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41789
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41789
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41789
Siemens SENTRON 7KT PAC1260 Data Manager (all versions) is affected by an OS command injection vulnerability caused by inadequate sanitization of the language parameter in certain POST requests, enabling an authenticated attacker to execute arbitrary code with root privileges. Multiple sources (N...
CVE-2024-41788
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41788
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41788
The CVE-2024-41788 entry concerns Siemens SENTRON 7KT PAC1260 Data Manager. The issue is an OS command injection in the device’s web interface caused by input parameters in specific GET requests not being sanitized, enabling an authenticated remote attacker to execute arbitrary code with root pri...
Siemens SENTRON 7KT PAC1260 Data Manager 跨站请求伪造漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A cross-site request forgery vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from a cross-site request forgery vulnerability in the web interfac...
Siemens SENTRON 7KT PAC1260 Data Manager 路径遍历漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A path traversal vulnerability exists in Siemens SENTRON 7KT PAC1260 Data Manager, which arises from the program failing to correctly filter special elements in the path of a...
Siemens SENTRON 7KT PAC1260 Data Manager 信任管理问题漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the region parameter of a specific POST request,...
Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An Access Control Error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated SSH service enabled endpoint, and can be...
Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An access control error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated report creation request, and can be exploite...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the input parameter of a specific GET request, whic...
Siemens SENTRON 7KT PAC1260 Data Manager 安全漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that originates from a vulnerability that allows the login password to be changed without...
Siemens SENTRON 7KT PAC1260 Data Manager
SUMMARY SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below. Software fixes can no longer be provided for The SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace...
CVE-2024-22044
A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet 3KC9000-8TL75 All versions. Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service...
The vulnerability of the BLE (Bluetooth Low Energy) component of the microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000/1100 allows a intruder to trigger a service failure.
The vulnerability of the BLE Bluetooth Low Energy component of the microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000/1100 is related to synchronization errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of Ember ZNet’s microprogramming software library for monitoring and controlling Sentron Powercenter 1000 allows a intruder to cause a service failure.
The vulnerability of Ember ZNet’s microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000 lies in the possibility of manipulating the NWK serial number. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...