Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3851 matches found

NVD
NVDadded 2022/11/08 8:15 p.m.31 views

CVE-2022-33322

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator...

6.1CVSS0.00837EPSS
Exploits0References3
NVD
NVDadded 2022/11/08 8:15 p.m.19 views

CVE-2022-33321

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric...

9.8CVSS0.00901EPSS
Exploits0References3
Prion
Prionadded 2022/11/08 8:15 p.m.21 views

Design/Logic Flaw

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric...

7.5CVSS9.3AI score0.00901EPSS
Exploits0References3Affected Software119
Prion
Prionadded 2022/11/08 8:15 p.m.19 views

Cross site scripting

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator...

5.8CVSS6.3AI score0.00837EPSS
Exploits0References3Affected Software119
Vulnrichment
Vulnrichmentadded 2022/11/08 12:0 a.m.5 views

CVE-2022-33322

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator...

6.6AI score0.00837EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/11/08 12:0 a.m.5 views

Mitsubishi Electric consumer electronics products 安全漏洞

Mitsubishi Electric consumer electronics products is a line of consumer electronics products from Mitsubishi Electric Corporation Mitsubishi Electric of Japan. A security vulnerability exists in Mitsubishi Electric consumer electronics products that stems from the use of basic authentication for...

9.8CVSS8.2AI score0.00901EPSS
Exploits0References4
Cvelist
Cvelistadded 2022/11/08 12:0 a.m.23 views

CVE-2022-33322

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator...

6.6AI score0.00837EPSS
Exploits0References3
CVE
CVEadded 2022/11/08 12:0 a.m.80 views

CVE-2022-33322

Technical details (affected products/versions, root cause, patches) are not publicly provided in the connected documents. Monitor for updates from official advisories (Mitsubishi Electric PSIRT, Red Hat, NVD) for concrete technical information and fixes.

6.1CVSS6.3AI score0.00837EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2022/11/08 12:0 a.m.67 views

CVE-2022-33321

Summary: CVE-2022-33321 is a vulnerability in Mitsubishi Electric consumer electronics products caused by using Basic Authentication over HTTP. This cleartext transmission can let a remote, unauthenticated attacker sniff credentials (username/password) and potentially cause a DoS. Affected produc...

9.8CVSS9.3AI score0.00901EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2022/11/08 12:0 a.m.19 views

CVE-2022-33321

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric...

9.6AI score0.00901EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/11/08 12:0 a.m.3 views

Mitsubishi Electric consumer electronics products 跨站脚本漏洞

Mitsubishi Electric consumer electronics products is a line of consumer electronics products from Mitsubishi Electric Corporation Mitsubishi Electric of Japan. A security vulnerability exists in Mitsubishi Electric consumer electronics products that could allow an unauthenticated, remote attacker...

6.1CVSS6.5AI score0.00837EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2022/11/08 12:0 a.m.3 views

PT-2022-21769 · Mitsubishi · Mitsubishi Electric Consumer Electronics Products

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric consumer electronics products affected versions not specified Description: A Cleartext Transmission of Sensitive Information issue exists due to the use of Basic Authentication for HTTP connections, allowing a remote...

9.8CVSS9.5AI score0.00901EPSS
Exploits0References7
CNNVD
CNNVDadded 2022/11/04 12:0 a.m.3 views

Delta Electronics Industrial Automation DIALink 路径遍历漏洞

Delta Electronics Industrial Automation DIALink is an industrial automation IoT device from Delta Electronics of Taiwan, China. A path traversal vulnerability exists in Delta Electronics Industrial Automation DIALink because it uses external input to construct a pathname that identifies a file or...

8.1CVSS7.6AI score0.02283EPSS
Exploits0References3
OSV
OSVadded 2022/10/31 8:15 p.m.4 views

CVE-2022-41772

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution...

9.8CVSS6AI score0.24945EPSS
Exploits0References1
OSV
OSVadded 2022/10/31 8:15 p.m.3 views

CVE-2022-41629

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify configuration files such as...

9.1CVSS5.8AI score0.00589EPSS
Exploits0References1
NVD
NVDadded 2022/10/31 8:15 p.m.18 views

CVE-2022-41644

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges...

8.8CVSS0.00686EPSS
Exploits0References1
OSV
OSVadded 2022/10/31 8:15 p.m.3 views

CVE-2022-41779

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network packets without proper verification. If the device connects to an attacker-controlled server, the attacker could send maliciously crafted packets that would be deserialized and executed, leading to remote...

9.8CVSS6AI score0.01053EPSS
Exploits0References1
NVD
NVDadded 2022/10/31 8:15 p.m.42 views

CVE-2022-41657

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces APIs. This could create arbitrary files, which could be used in API operations and could ultimately...

9.8CVSS0.20898EPSS
Exploits0References1
NVD
NVDadded 2022/10/31 8:15 p.m.39 views

CVE-2022-41776

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. This could lead to the changing of administrativ...

7.5CVSS0.00511EPSS
Exploits0References1
NVD
NVDadded 2022/10/31 8:15 p.m.17 views

CVE-2022-41629

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify configuration files such as...

9.1CVSS0.00589EPSS
Exploits0References1
Rows per page
Query Builder