42 matches found
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
EUVD-2023-48027
Malicious code in bioql PyPI...
EUVD-2023-47203
Malicious code in bioql PyPI...
CVE-2024-28744
The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user...
CVE-2023-42771
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files...
CVE-2024-28744
The vulnerability CVE-2024-28744 affects FURUNO ACERA 9010 devices in non MS mode with the initial configuration. In firmware v02.04 and earlier (both 9010-08 and 9010-24), the password is empty, allowing an unauthenticated attacker to log in without a password and potentially read or modify info...
CVE-2024-28744
The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user...
PT-2024-22553 · Acera · Acera 9010-24 +1
Name of the Vulnerable Software and Affected Versions: ACERA 9010-08 firmware versions v02.04 and earlier ACERA 9010-24 firmware versions v02.04 and earlier Description: The password is empty in the initial configuration, allowing an unauthenticated attacker to log in with no password and obtain ...
FURUNO SYSTEMS Managed Switch ACERA 9010 running in non MS mode with the initial configuration has no password
Overview In the initial configuration of Managed Switch ACERA 9010 provided by FURUNO Systems Co., Ltd., the password is empty CWE-258 and the remote access service is enabled. The products are affected only when running in non MS mode with the initial configuration. FURUNO SYSTEMS Co.,Ltd...
FURUNO ACERA 安全漏洞
FURUNO ACERA is a series of switches from FURUNO Japan. A security vulnerability exists in the FURUNO ACERA 9010 v02.04 and earlier firmware versions, ACERA 9010-24 v02.04 and earlier firmware versions, which originates from an unauthenticated attacker being able to log in to the product without ...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
CVE-2023-43627
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in...
CVE-2023-39429
Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 a...
CVE-2023-42771
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files...
CVE-2023-39429
Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 a...
CVE-2023-39222
OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows:...
CVE-2023-41086
Cross-site request forgery CSRF vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i...
CVE-2023-39222
OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows:...
CVE-2023-42771
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files...
Cross site scripting
Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 a...