5 matches found
CVE-2023-36607
The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...
CVE-2023-36607
The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...
CVE-2023-36607 CVE-2023-36607
The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...
CVE-2023-36607
CVE-2023-36607 relates to Ovarro TBox RTUs and involves missing authorization to run certain API commands. The EU/ICS advisory details affected firmware ranges across multiple TBox models (e.g., TBox MS-CPU32, MS-CPU32-S2, LT2, TG2, RM2) with versions up to 1.50.598 and prior, plus earlier versio...
Ovarro TBox RTUs
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ovarro Equipment: TBox RTUs Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...