20 matches found
CVE-2020-8975
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...
CVE-2020-8976
The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...
CVE-2020-8974
In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...
CVE-2020-8973
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...
Server side request forgery (ssrf)
The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...
Design/Logic Flaw
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...
Information disclosure
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...
CVE-2020-8976
CVE-2020-8976 affects ZGR TPS200 NG (firmware 2.00, hardware 1.01). The vulnerability allows a remote attacker to perform actions with the victim user’s permissions when the victim has an active session and triggers a malicious request (CSRF). Documented impacts include high/critical Confidential...
CVE-2020-8973 ZGR TPS200 NG Improper access control
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...
CVE-2020-8973
ZGR TPS200 NG (firmware 2.00, hardware 1.01) is affected by an improper request handling vulnerability. The device does not properly accept specially constructed requests, enabling an network-adjacent attacker to operate and change several parameters without user registration. This can impact con...
CVE-2020-8973 ZGR TPS200 NG Improper access control
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...
CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource
In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...
CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource
In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...
CVE-2020-8975 ZGR TPS200 NG Information Exposure
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...
CVE-2020-8975
The CVE-2020-8975 entry concerns the ZGR TPS200 NG. Affected: firmware 2.00 and hardware 1.01. Issue: a remote attacker with web-application access and knowledge of the application routes can disclose sensitive system information. No specific exploit code or vectors are provided in the documents....
CVE-2020-8975 ZGR TPS200 NG Information Exposure
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...
PT-2022-9067 · Zgr · Zgr Tps200 Ng
Name of the Vulnerable Software and Affected Versions: ZGR TPS200 NG version 2.00 firmware and version 1.01 hardware Description: The firmware upload process in the affected device does not have restrictions, allowing an attacker to modify the firmware and re-upload it via the web with malicious...
Zigor Corporación ZGR TPS200 NG 安全漏洞
The Zigor Corporación ZGR TPS200 NG is a rectifier for battery chargers from the Spanish company Zigor Corporación. Capable of managing sealed lead-acid or lithium batteries for industrial applications, remote control for substations and remote control of cellular phones, as well as applications...
PT-2022-9066 · Unknown · Zgr Tps200 Ng
Name of the Vulnerable Software and Affected Versions: ZGR TPS200 NG version 2.00 firmware and 1.01 hardware Description: The issue allows an attacker with access to the network where the affected asset is located to operate and change several parameters without having to be registered as a user ...
PT-2022-9069 · Unknown · Zgr Tps200 Ng
Name of the Vulnerable Software and Affected Versions: ZGR TPS200 NG version 2.00 Description: The issue allows a remote attacker to perform actions with the permissions of a victim user, given that the victim has an active session and triggers a malicious request. Recommendations: For ZGR TPS200...