15 matches found
EUVD-2019-8741
Malware in sbrugna...
EUVD-2019-8740
Malware in sbrugna...
CVE-2019-19107
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext although hidden when displayed...
CVE-2019-19104
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator URL , violating the access-control ACL rules. This issue allows obtaining...
CVE-2019-19106
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings...
ABB Telephone Gateway TG/S and Busch-Jaeger Telefon-Gateway Privilege Permission and Access Control Issues Vulnerabilities
The ABB Telephone Gateway TG/S and the Busch-Jaeger 6186/11 Telefon-Gateway are both a telephone gateway product from ABB Switzerland. A privileged license and access control vulnerability exists in the ABB Telephone Gateway TG/S version 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway version, which...
CVE-2019-19107
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext although hidden when displayed...
CVE-2019-19106
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings...
CVE-2019-19104
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator URL , violating the access-control ACL rules. This issue allows obtaining...
Design/Logic Flaw
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext although hidden when displayed...
Improper access control
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings...
Privilege escalation
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator URL , violating the access-control ACL rules. This issue allows obtaining...
CVE-2019-19105 ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Plaintext storing of credentials
The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user accounts and other configuration's credentials in plaintext...
CVE-2019-19105
CVE-2019-19105 affects ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway. The backup feature stores the application’s current settings and credentials (including user accounts and other configuration credentials) in plaintext, exposing confidentiality. Exploitation details a...
CVE-2019-19104
CVE-2019-19104 affects ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway. The web server allows anonymous access to multiple endpoints by requesting a specific URL, violating ACL rules and potentially exposing sensitive data and enabling privilege escalation. The CVSS metric...