18 matches found
EUVD-2022-26425
Malicious code in bioql PyPI...
CVE-2020-16231
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
bachmann-hotels.de Cross Site Scripting vulnerability OBB-3404097
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bachmann-display.ch Cross Site Scripting vulnerability OBB-3336433
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
campus.fundacionbachmann.org.ar Cross Site Scripting vulnerability OBB-2888643
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-21184
The CVE-2022-21184 affects Bachmann Visutec GmbH Atvise 3.5.4, 3.6, and 3.7. The root cause is an information disclosure in the License registration flow where login credentials are sent in plaintext over HTTP, enabling credential exposure via a man-in-the-middle attack. Documented impact is disc...
CVE-2022-21184
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...
CVE-2022-21184
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...
bachmann-hotels.de Cross Site Scripting vulnerability OBB-2652089
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
All Bachmann M1 System Processor Modules Use of Password Hash with Insufficient Computational Effort (CVE-2020-16231)
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
CVE-2020-16231
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
Default credentials
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
CVE-2020-16231 All Bachmann M1 System Processor Modules - Use of Password Hash with Insufficient Computational Effort
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
CVE-2020-16231 All Bachmann M1 System Processor Modules - Use of Password Hash with Insufficient Computational Effort
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...
CVE-2020-16231
CVE-2020-16231 affects all Bachmann M-Base Controllers running MSYS v1.06.14 and newer. The vulnerability stems from weak cryptography used to protect device passwords, with Security Level 0 set by default in many models (e.g., MX207, MX213, MX220, MC206, MC212, MC220, MH230 actively supported; o...
Bachmann Electronic All M-Base Controllers 加密问题漏洞
Bachmann Electronic All M-Base Controllers is a controller system from Bachmann, Germany, used to control networks. A cryptographic issue vulnerability exists in Bachmann Electronic All M-Base Controllers that stems from not properly using the relevant cryptographic algorithms, resulting in...
All Bachmann M1 System Processor Modules
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bachmann Electronic, GmbH Equipment: All M-Base Controllers Vulnerability : Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This updated advisory is a follow-up to...
bachmann-hotels.de Cross Site Scripting vulnerability
Security Researcher g0bl1nsec Helped patch 3596 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting bachmann-hotels.de website and its users. Following...