43 matches found
CVE-2022-38355
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network LAN to disclose sensitive information stored by the affected product without requiring authentication...
EUVD-2022-44841
Malicious code in bioql PyPI...
EUVD-2022-40944
Malicious code in bioql PyPI...
EUVD-2025-28991
Malicious code in bioql PyPI...
CVE-2025-10127
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127
CVE-2025-10127 affects Daikin Europe N.V Security Gateway. The vulnerability is an authorization bypass caused by a user-controlled key, allowing an unauthenticated attacker to access the system. Documented across multiple vendors and advisories (e.g., Red Hat, NVD, CISA ICS), with high severity ...
CISA Releases Eleven Industrial Control Systems Advisories
CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...
Daikin Europe N.V Security Gateway
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...
Daikin Security Gateway 授权问题漏洞
Daikin Security Gateway is a gateway device for remote management of systems from Daikin Japan. An authorization issue vulnerability exists in Daikin Security Gateway that stems from a user control key causing an authorization bypass that could lead to unauthorized system access...
PT-2025-37264
Name of the Vulnerable Software and Affected Versions: Daikin Security Gateway affected versions not specified Description: The Daikin Security Gateway is susceptible to an authorization bypass. An attacker can bypass authentication and gain access to the system without valid credentials through ...
Daikin Security Gateway 14 - Remote Password Reset
Daikin Security Gateway 214 - Remote Password Reset Vendor: Daikin Industries, Ltd. Product web page: https://www.daikin.com https://www.daikin.eu/enus/products/product.html/DRGATEWAYAA.html Affected version: App: 100, Frm: 214 Summary: The Security gateway allows the iTM and LC8 controllers to...
📄 Daikin Security Gateway 214 Remote Password Reset
The Daikin Security Gateway exposes a critical vulnerability in its password reset API endpoint. Due to an insecure direct object reference IDOR flaw, an unauthenticated attacker can send a crafted POST request to this endpoint, bypassing authentication mechanisms. Successful exploitation resets...
Daikin Security Gateway v214 Remote Password Reset
Summary The Security gateway allows the iTM and LC8 controllers to connect through the Security gateway to the Daikin Cloud Service. Instead of sending the report to the router directly, the iTM or LC8 controller sends the report to the Security gateway first. The Security gateway transforms the...
CVE-2022-41653
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system...
daikin-info.ru Cross Site Scripting vulnerability OBB-3718839
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
daikin-info.ru Cross Site Scripting vulnerability OBB-3689025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-41653
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system...