49 matches found

Cvelist
added 2023/01/30 12:00 a.m. · 18 views

CVE-2022-32515

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over the admin account when the product does not implement a rate limit mechanism on the admin authentication form. Affected Products: Conext™ ComBox All Versions...

8.6 CVSS · 9.7 AI score · 0.00633 EPSS
Exploits 0 · References 1

Cvelist
added 2023/01/30 12:00 a.m. · 22 views

CVE-2022-32516

A CWE-352: Cross-Site Request Forgery CSRF vulnerability exists that could cause system’s configurations override and cause a reboot loop when the product suffers from POST-Based Cross-Site Request Forgery CSRF. Affected Products: Conext™ ComBox All Versions...

7.5 CVSS · 7.8 AI score · 0.00246 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2022/07/13 12:00 a.m. · 3 views

The vulnerability of Schneider Electric Conext ComBox’s communication and monitoring software lies in improper restrictions on the layers or frames of the user interface that are displayed. This allows attackers to compromise the integrity of data.

The vulnerability of the microprogramming software of Schneider Electric Conext ComBox relates to incorrect restrictions on the visible layers or frames of the user interface. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...

7.8 CVSS · 6.6 AI score · 0.0043 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2022/07/11 12:00 a.m. · 7 views

The vulnerability of Schneider Electric Conext ComBox’s microprogramming software lies in its insufficient authentication attempt limitation. This allows attackers to circumvent existing security restrictions by using brute-force attacks.

The vulnerability of the microprogramming software of Schneider Electric Conext ComBox relates to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to circumvent existing security measures through brute-force attacks...

8.6 CVSS · 7.8 AI score · 0.00633 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2022/07/11 12:00 a.m. · 6 views

The vulnerability of Schneider Electric Conext ComBox’s microprogramming software, related to the manipulation of inter-site requests, allows a perpetrator to trigger a service failure.

The vulnerability of the microprogramming software of Schneider Electric Conext ComBox relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure through a specially crafted POST request...

7.8 CVSS · 6.6 AI score · 0.00246 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/06/14 12:00 a.m. · 5 views

PT-2022-3474 · Schneider Electric · Conext Combox

Name of the Vulnerable Software and Affected Versions: Conext ComBox All Versions Description: A Cross-Site Request Forgery CSRF issue exists, potentially allowing an attacker to override system configurations and cause a reboot loop through a specially crafted POST request. This could lead to a...

7.8 CVSS · 6.7 AI score · 0.00246 EPSS
Exploits 0 · References 5

Positive Technologies
added 2022/06/14 12:00 a.m. · 3 views

PT-2022-3534 · Schneider Electric · Conext Combox

Name of the Vulnerable Software and Affected Versions: Conext ComBox versions all Description: The issue is related to improper restriction of rendered UI layers or frames in the user interface, which could allow a remote adversary to affect data integrity by tricking the user into interacting wi...

7.8 CVSS · 6.3 AI score · 0.0043 EPSS
Exploits 0 · References 7

Positive Technologies
added 2022/06/14 12:00 a.m. · 3 views

PT-2022-3486 · Schneider Electric · Conext Combox

Name of the Vulnerable Software and Affected Versions: Conext ComBox All Versions Description: The issue is related to insufficient restriction of excessive authentication attempts, which could allow a remote attacker to bypass security restrictions using a brute force attack. This is due to the...

9.8 CVSS · 9.4 AI score · 0.00633 EPSS
Exploits 0 · References 6

NVD
added 2022/02/11 6:15 p.m. · 11 views

CVE-2021-22798

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive data such as login credentials being exposed when a Network is sniffed. Affected Product: Conext™ ComBox All Versions...

7.5 CVSS · 0.0089 EPSS
Exploits 0 · References 1

Cvelist
added 2022/02/11 5:40 p.m. · 13 views

CVE-2021-22798

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive data such as login credentials being exposed when a Network is sniffed. Affected Product: Conext™ ComBox All Versions...

7.7 AI score · 0.0089 EPSS
Exploits 0 · References 1

CVE
added 2022/02/11 5:40 p.m. · 47 views

CVE-2021-22798

The CVE-2021-22798 issue affects Schneider Electric Conext ComBox (All Versions) and is described as CWE-522: Insufficiently Protected Credentials. The vulnerability could allow exposure of sensitive data (e.g., login credentials) when a network is sniffed. Root cause: credentials are not adequat...

7.5 CVSS · 7.5 AI score · 0.0089 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2022/02/11 12:00 a.m. · 2 views

Schneider Electric Conext™ ComBox Security Vulnerability

The Schneider Electric Conext ComBox is a powerful communication and monitoring device from Schneider Electric France. A security vulnerability exists in the Schneider Electric Conext™ ComBox that stems from the presence of an insufficiently protected credentials vulnerability that could result i...

7.5 CVSS · 7.3 AI score · 0.0089 EPSS
Exploits 0 · References 1

Positive Technologies
added 2022/02/11 12:00 a.m. · 2 views

PT-2022-9276 · Unknown · Conext Combox

Name of the Vulnerable Software and Affected Versions: Conext ComBox All Versions Description: A vulnerability exists that could cause sensitive data, such as login credentials, to be exposed when a network is sniffed. This issue could lead to the exposure of sensitive information. Recommendation...

7.5 CVSS · 7.3 AI score · 0.0089 EPSS
Exploits 0 · References 4

OSV
added 2017/04/07 10:59 p.m. · 1 views

CVE-2017-6019

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot...

7.5 CVSS · 5.8 AI score · 0.36943 EPSS
Exploits 4 · References 4

NVD
added 2017/04/07 10:59 p.m. · 23 views

CVE-2017-6019

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot...

7.8 CVSS · 7.4 AI score · 0.36943 EPSS
Exploits 4 · References 4

Prion
added 2017/04/07 10:59 p.m. · 12 views

Code injection

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot...

7.8 CVSS · 7.3 AI score · 0.36943 EPSS
Exploits 4 · References 4 · Affected Software 1

Cvelist
added 2017/04/07 10:00 p.m. · 26 views

CVE-2017-6019

An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot...

7.4 AI score · 0.36943 EPSS
Exploits 4 · References 4

CVE
added 2017/04/07 10:00 p.m. · 61 views

CVE-2017-6019

CVE-2017-6019 affects Schneider Electric Conext ComBox (model 865-1058) with all firmware versions prior to V3.03 BN 830. The issue is described as a resource exhaustion/denial-of-service condition caused by a series of rapid requests to the device, which can lead to a reboot. Mitigation: Schneid...

7.8 CVSS · 7.3 AI score · 0.36943 EPSS
Exploits 4 · References 4 · Affected Software 1

0day.today
added 2017/03/06 12:00 a.m. · 50 views

Conext ComBox 865-1058 - Denial of Service Exploit

Exploit for hardware platform in category dos / poc Exploit Title: Conext ComBox - Denial of Service HTTP-POST Description: The exploit cause the device to self-reboot, constituting a denial of service. Google Dork: "Conext ComBox" + "JavaScript was not detected" /OR/ "Conext ComBox" + "Recover...

7.8 CVSS · 7.6 AI score · 0.36943 EPSS
Exploits 4

Packet Storm
added 2017/03/05 12:00 a.m. · 41 views

Conext ComBox 865-1058 Denial Of Service

Exploit Title: Conext ComBox - Denial of Service HTTP-POST Description: The exploit cause the device to self-reboot, constituting a denial of service. Google Dork: "Conext ComBox" + "JavaScript was not detected" /OR/ "Conext ComBox" + "Recover Lost Password" Date: March 02, 2017 Exploit Author:...

7.6 AI score · 0.36943 EPSS
Exploits 4