10 matches found
EUVD-2017-14276
Malware in sbrugna...
CVE-2017-5165
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per sensitive function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration...
CVE-2017-5162
The CVE-2017-5162 entry affects BINOM3 Universal Multifunctional Electric Power Quality Meter. Root cause is improper access control: lack of authentication for a remote service allows access to device setup and configuration. Documented impact includes unauthorized access to configuration data a...
CVE-2017-5166
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device...
CVE-2017-5164
CVE-2017-5164 affects BINOM3 Electric Power Quality Meter (Universal multifunctional model). The vulnerability is Cross-Site Scripting caused by input from a malicious client not being properly verified by the server, allowing script execution in another user’s browser session. The CVE is describ...
CVE-2017-5167
The CVE-2017-5167 issue affects BINOM3 Universal Multifunctional Electric Power Quality Meter due to a hard-coded password/Vulnerability: Users cannot change their passwords. Public advisories (ICS-CERT update and CVE entries) describe the impact as unauthorized access to the device, potential se...
CVE-2017-5166
CVE-2017-5166 affects the BINOM3 Universal multifunctional Electric Power Quality Meter. The vulnerability is an information exposure (CWE-200) flaw that can be used to gain privileged access to the device. From the connected records, the issue is described with high impact: confidential, integri...
BINOM3 Electric Power Quality Meter (Update A)
CVSS v3 10 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BINOM3 Equipment: Electric Power Quality Meter Vulnerabilities: Cross-site scripting, access control issues, cross-site request forgery CSRF, sensitive information stored in clear-text, and weak credentials management...
BINOM3 Electric Power Quality Meter
CVSS v3 10 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BINOM3 Equipment: Electric Power Quality Meter Vulnerabilities: Cross-site scripting, access control issues, cross-site request forgery CSRF, sensitive information stored in clear-text, and weak credentials management...
BINOM3 Power Meter CSRF / XSS / Credential Management
Universal multifunctional Electric Power Quality Meter BINOM3 - Multiple Vulnerabilities About The meters are designed for autonomous operation in automated systems: aC/ SCADA systems aC/ Data aquisition and transmission systems aC/ Automated data and measurement systems for revenue and technical...