15 matches found
EUVD-2021-27407
Malware in sbrugna...
EUVD-2019-9014
Malware in sbrugna...
EUVD-2021-27406
Malware in sbrugna...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
CVE-2021-40223
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
CVE-2021-40222
Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...
CVE-2021-40223
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
Design/Logic Flaw
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
Remote code execution
Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...
CVE-2021-40223
CVE-2021-40223 affects Rittal CMC PU III Web management (version V3.11.00_2). The root cause is failure to sanitize user input in multiple configuration dialogs (User Configuration, Task Configuration, and Set Logging Filter). This enables cross-site scripting (XSS) by injecting HTML/JavaScript c...
CVE-2021-40223
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration User Configuration dialog, Task Configuration dialog and set logging filter dialog. This allows an attacker to backdoor the device with HTML and browser-interpreted content...
CVE-2021-40222
Rittal CMC PU III Web management Version affected: V3.11.002. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitiz...
CVE-2021-40222
CVE-2021-40222 affects Rittal CMC PU III Web management. The vulnerability arises from failure to sanitize user input on the Network TCP/IP configuration page (PU-Hostname field), enabling remote command execution with root privileges via a crafted configuration payload. Affected version: V3.11.0...
Rittal CMC PU III 操作系统命令注入漏洞
Rittal CMC PU III is a monitoring system from Rittal, Germany. A security vulnerability exists in the Rittal CMC PU III Web management version V3.11.002, which originates from the inability of the web application to clean up user input on the network TCP/IP configuration page. The vulnerability c...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...