61 matches found
CVE-2021-28914
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the user to set a weak password because the strength is shown in configuration tool, but finally not enforced. This is usable and part of an attack chain to gain SSH root access...
CVE-2021-28909
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login service at /webif/SecurityModule in a brute force attack. The password could be weak and default username is known as 'admin'. This is usable and part of an attack chain to gain SS...
CVE-2021-28911
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data e.g. device serial number. Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part...
CVE-2021-28913
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...
CVE-2021-22291
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
EUVD-2021-9437
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
CVE-2021-22291
ABB EIBPORT V3 KNX and ABB EIBPORT V3 KNX GSM are affected by a reflected XSS due to improper input neutralization during web page generation. Affects versions prior to 3.9.2 for V3 KNX and prior to 3.9.2 for V3 KNX GSM. The vulnerability could allow attackers to execute scripts in the user’s bro...
CVE-2021-22291 EIBPORT Reflected XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
CVE-2021-22291 EIBPORT Reflected XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...
EUVD-2021-15565
Malware in sbrugna...
EUVD-2021-15566
Malware in sbrugna...
EUVD-2021-15563
Malware in sbrugna...
EUVD-2021-15564
Malware in sbrugna...
EUVD-2021-15562
Malware in sbrugna...
EUVD-2020-17292
Malware in sbrugna...
ABB EIBPORT V3 KNX和ABB EIBPORT V3 KNX GSM 跨站脚本漏洞
ABB EIBPORT V3 KNX and ABB EIBPORT V3 KNX GSM are both a smart home gateway from ABB Switzerland. A cross-site scripting vulnerability exists in ABB EIBPORT V3 KNX versions prior to 3.9.2 and ABB EIBPORT V3 KNX GSM versions prior to 3.9.2, which stems from improper input neutralization and could...
PT-2025-40993
Name of the Vulnerable Software and Affected Versions ABB EIBPORT V3 KNX versions prior to 3.9.2 ABB EIBPORT V3 KNX GSM versions prior to 3.9.2 Description An issue exists in ABB EIBPORT V3 KNX and ABB EIBPORT V3 KNX GSM related to improper neutralization of input during web page generation, whic...
EUVD-2024-54646
Malicious code in bioql PyPI...
CVE-2024-13967
This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8...
CVE-2024-13967
This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8...