11 matches found
CVE-2024-27772
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE...
CVE-2024-27774
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware...
CVE-2024-27770
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal...
CVE-2024-27774 Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-259: Use of Hard-coded Password
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware...
CVE-2024-27774
Summary (CVE-2024-27774) : Unitronics Unistream Unilogic is affected in versions prior to 1.35.227. The root cause is the use of hard-coded passwords, which may disclose sensitive information embedded in the device firmware (high confidentiality impact). Affected component is the Unilogic firmwar...
CVE-2024-27772 Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-78: 'OS Command Injection'
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE...
CVE-2024-27770 Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-23: Relative Path Traversal
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal...
CVE-2024-27768 Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-22: 'Path Traversal'
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE...
CVE-2024-27768
CVE-2024-27768 affects Unitronics Unistream Unilogic before version 1.35.227. The issue is a Path Traversal vulnerability that may allow remote code execution (RCE) by accessing files outside the web root. Affected component appears to be the Unilogic software on Unitronics Unistream controllers....
CVE-2024-27767 Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-287: Improper Authentication
CWE-287: Improper Authentication may allow Authentication Bypass...
Unitronics Unistream Unilogic Path Traversal Vulnerability
Unitronics Unistream Unilogic is an integrated controller software platform from Unitronics Corporation for developing and programming the Unistream family of programmable logic controllers PLCs. A security vulnerability exists in Unitronics Unistream Unilogic versions prior to 1.35.227. An...