Lucene search
K

331 matches found

Vulnrichment
Vulnrichment
added 2025/04/08 8:22 a.m.5 views

CVE-2024-41793

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device...

8.6CVSS7.3AI score0.00518EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 8:22 a.m.21 views

CVE-2024-41793

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device...

8.6CVSS0.00518EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 8:22 a.m.53 views

CVE-2024-41792

CVE-2024-41792 affects Siemens SENTRON 7KT PAC1260 Data Manager (All versions). The vulnerability is a path traversal issue in the device’s web interface that allows an unauthenticated attacker to access arbitrary files with root privileges, due to improper input filtering in GET/POST handling. S...

9.2CVSS7.4AI score0.00545EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/08 8:22 a.m.4 views

CVE-2024-41790

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...

9.4CVSS8AI score0.00831EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 8:22 a.m.21 views

CVE-2024-41790

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...

9.4CVSS0.00831EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 8:22 a.m.55 views

CVE-2024-41789

Siemens SENTRON 7KT PAC1260 Data Manager (all versions) is affected by an OS command injection vulnerability caused by inadequate sanitization of the language parameter in certain POST requests, enabling an authenticated attacker to execute arbitrary code with root privileges. Multiple sources (N...

9.4CVSS8AI score0.00831EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Siemens SENTRON 7KT PAC1260 Data Manager 信任管理问题漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...

10CVSS7.1AI score0.00591EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.3 views

Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the region parameter of a specific POST request,...

9.4CVSS8.3AI score0.00831EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.3 views

Siemens SENTRON 7KT PAC1260 Data Manager 跨站请求伪造漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A cross-site request forgery vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from a cross-site request forgery vulnerability in the web interfac...

6.9CVSS5.5AI score0.00205EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.3 views

Siemens SENTRON 7KT PAC1260 Data Manager 安全漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that originates from a vulnerability that allows the login password to be changed without...

6.9CVSS5.6AI score0.00361EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15392 · Senron · Senron 7Kt Pac1260 Data Manager

Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager affected versions not specified Description: A vulnerability has been identified where affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This...

10CVSS6.7AI score0.00591EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.3 views

Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An access control error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated report creation request, and can be exploite...

7.3CVSS6.8AI score0.00366EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.22 views

Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...

9.4CVSS8.3AI score0.00831EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.5 views

Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the input parameter of a specific GET request, whic...

9.4CVSS8.3AI score0.00831EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.5 views

PT-2025-15386 · Senron · Senron 7Kt Pac1260 Data Manager

Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager All versions Description: A vulnerability has been identified in the web interface of affected devices, where input parameters in specific GET requests are not sanitized. This could allow an authenticated remot...

9.4CVSS7.2AI score0.00831EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Siemens SENTRON 7KT PAC1260 Data Manager 路径遍历漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A path traversal vulnerability exists in Siemens SENTRON 7KT PAC1260 Data Manager, which arises from the program failing to correctly filter special elements in the path of a...

9.2CVSS6.9AI score0.00545EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.6 views

Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An Access Control Error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated SSH service enabled endpoint, and can be...

8.6CVSS7AI score0.00518EPSS
Exploits0References3
OSV
OSV
added 2025/03/08 3:15 a.m.6 views

CVE-2024-13835

The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...

7.2CVSS7.2AI score0.00372EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/08 2:24 a.m.12 views

CVE-2024-13835 Post Meta Data Manager <= 1.4.4 - Authentciated (Admin+) Multisite Privilege Escalation

The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.4. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...

7.2CVSS0.00372EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/08 2:24 a.m.5 views

CVE-2024-13835 Post Meta Data Manager <= 1.4.4 - Authentciated (Admin+) Multisite Privilege Escalation

The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.4. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...

7.2CVSS7.2AI score0.00372EPSS
Exploits0References2
Rows per page
Query Builder