CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

PT-2023-20563 · Coretec 4 · Coretec 4

Name of the Vulnerable Software and Affected Versions: CoreTec 4 affected versions not specified Description: A vulnerability exists that can be exploited by an authenticated client connected to the same network segment as the system, with any level of access from VIEWER to ADMIN. The attacker ca...

CVE-2021-35531

Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects:...

Hitachi Energy TXpert Hub CoreTec 4 安全漏洞

The Hitachi Energy TXpert Hub CoreTec 4 is a digital transformer monitoring and diagnostic device from Hitachi, Japan. The Hitachi Energy TXpert Hub CoreTec 4 has a security vulnerability that originates from a problem with session identifier token validation in the application authentication and...

PT-2022-10467 · Hitachi Energy · Hitachi Energy Txpert Hub Coretec 4

Name of the Vulnerable Software and Affected Versions: Hitachi Energy TXpert Hub CoreTec 4 versions 2.0.0 through 2.2.1 Description: The issue is related to an Improper Input Validation vulnerability in a particular configuration setting field of the Hitachi Energy TXpert Hub CoreTec 4 product...