331 matches found
CVE-2024-41793
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device...
CVE-2024-41793
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device...
CVE-2024-41792
CVE-2024-41792 affects Siemens SENTRON 7KT PAC1260 Data Manager (All versions). The vulnerability is a path traversal issue in the device’s web interface that allows an unauthenticated attacker to access arbitrary files with root privileges, due to improper input filtering in GET/POST handling. S...
CVE-2024-41790
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41790
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
CVE-2024-41789
Siemens SENTRON 7KT PAC1260 Data Manager (all versions) is affected by an OS command injection vulnerability caused by inadequate sanitization of the language parameter in certain POST requests, enabling an authenticated attacker to execute arbitrary code with root privileges. Multiple sources (N...
Siemens SENTRON 7KT PAC1260 Data Manager 信任管理问题漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the region parameter of a specific POST request,...
Siemens SENTRON 7KT PAC1260 Data Manager 跨站请求伪造漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A cross-site request forgery vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from a cross-site request forgery vulnerability in the web interfac...
Siemens SENTRON 7KT PAC1260 Data Manager 安全漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens, Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that originates from a vulnerability that allows the login password to be changed without...
PT-2025-15392 · Senron · Senron 7Kt Pac1260 Data Manager
Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager affected versions not specified Description: A vulnerability has been identified where affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This...
Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An access control error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated report creation request, and can be exploite...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the input parameter of a specific GET request, whic...
PT-2025-15386 · Senron · Senron 7Kt Pac1260 Data Manager
Name of the Vulnerable Software and Affected Versions: SENRON 7KT PAC1260 Data Manager All versions Description: A vulnerability has been identified in the web interface of affected devices, where input parameters in specific GET requests are not sanitized. This could allow an authenticated remot...
Siemens SENTRON 7KT PAC1260 Data Manager 路径遍历漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A path traversal vulnerability exists in Siemens SENTRON 7KT PAC1260 Data Manager, which arises from the program failing to correctly filter special elements in the path of a...
Siemens SENTRON 7KT PAC1260 Data Manager 访问控制错误漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An Access Control Error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated SSH service enabled endpoint, and can be...
CVE-2024-13835
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...
CVE-2024-13835 Post Meta Data Manager <= 1.4.4 - Authentciated (Admin+) Multisite Privilege Escalation
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.4. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...
CVE-2024-13835 Post Meta Data Manager <= 1.4.4 - Authentciated (Admin+) Multisite Privilege Escalation
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.4. This is due to the plugin not properly verifying the existence of a multisite installation prior to allowing user meta to be added/modified. This makes it...