47 matches found
WordPress Awin Data Feed <=1.6 - Cross-Site Scripting
WordPress Awin Data Feed plugin 1.6 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action, available to both unauthenticated and authenticated users. id: CVE-2022-1937 info: name: WordPress Awin Data Feed...
CVE-2025-13777
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13778
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
EUVD-2025-208631
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13777
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13778
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13779
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13779 Configuration Data Spill
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13779
The CVE-2025-13779 entry concerns ABB AWIN GW100 rev.2 and AWIN GW120 units with a missing authentication vulnerability in a critical function. Affected revisions: GW100 rev.2 (2.0-0, 2.0-1) and GW120 (1.2-0, 1.2-1). The issue is exploitable with adjacent attack vector, low complexity, no privile...
CVE-2025-13779 Configuration Data Spill
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13778
The CVE-2025-13778 entry concerns ABB AWIN GW100 rev.2 and AWIN GW120 systems, identified by missing authentication for a critical function. Affected revisions include GW100 rev.2: 2.0-0, 2.0-1; GW120: 1.2-0, 1.2-1. The vulnerability’s impact is indicated as HIGH availability risk (CVSS 4.0: AV:A...
CVE-2025-13778 Device Reboot Control
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13778 Device Reboot Control
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13777 Authentication Bypass due to Improper Session Validation
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13777 Authentication Bypass due to Improper Session Validation
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13777
CVE-2025-13777 describes an authentication bypass via capture-replay in ABB AWIN GW100 rev.2 and GW120. Affected firmware: AWIN GW100 rev.2 (2.0-0, 2.0-1) and GW120 (1.2-0, 1.2-1). Root cause: improper session validation leading to authentication bypass. CVSS vectors indicate high impact with adj...
ABB AWIN Gateways
SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves the reported vulnerabilities. AWIN gateways are not intended to be internet-facing. An attacker who successfully exploited this vulnerability could take...
PT-2026-25313
🟠 CVE-2025-13779 - High Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. https://t.co/dh5JkIu0yT https://t.co/gVJzqT9qlg...
ABB AWIN GW100和ABB AWIN GW120 安全漏洞
ABB AWIN GW100 and ABB AWIN GW120 are communication gateway devices produced by the Swiss company ABB. There are security vulnerabilities in versions of ABB AWIN GW100 rev.2 2.0-1 and earlier, as well as ABB AWIN GW120 1.2-1 and earlier. These vulnerabilities stem from the ability to capture and...
EUVD-2022-25206
Malicious code in bioql PyPI...