Lucene search
K

107 matches found

CNNVD
CNNVD
added 2024/03/20 12:0 a.m.5 views

Elspec G5 digital fault recorder security vulnerability

The Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and prior versions, which is caused by the presenc...

7.5CVSS7AI score0.00633EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.12 views

CVE-2024-22079

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Directory traversal can occur via the system logs download mechanism...

6.9AI score0.01016EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/20 12:0 a.m.14 views

CVE-2024-22078

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to...

7.2AI score0.00642EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/20 12:0 a.m.17 views

CVE-2024-22084

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files...

6.8AI score0.00393EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.5 views

Elspec G5 digital fault recorder security vulnerability

Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and prior versions, which originates from allowing an...

6.2CVSS6.7AI score0.00228EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.6 views

Elspec G5 digital fault recorder security vulnerability

The Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and earlier, which originates from an...

9.8CVSS7AI score0.00785EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/20 12:0 a.m.17 views

CVE-2024-22083

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks...

6.8AI score0.00553EPSS
Exploits0References1
CVE
CVE
added 2024/03/20 12:0 a.m.65 views

CVE-2024-22079

Elspec G5 digital fault recorder (versions ≤ 1.1.4.15) is affected by a path traversal vulnerability exploitable through the system logs download mechanism. The issue allows traversal of directories to access logs and potentially sensitive files. Publicly available sources corroborate the vulnera...

7.5CVSS6.8AI score0.01016EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/03/20 12:0 a.m.61 views

CVE-2024-22083

The vulnerability CVE-2024-22083 affects Elspec G5 digital fault recorder versions 1.1.4.15 and earlier. The issue is a hardcoded backdoor session ID that enables unauthorized access to the device, including reconfiguration tasks. Affected components are the system’s session handling/backdoor mec...

6.5CVSS6.8AI score0.00553EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/03/20 12:0 a.m.57 views

CVE-2024-22085

CVE-2024-22085 affects Elspec G5 digital fault recorder, versions 1.1.4.15 and older. The vulnerability is that the shadow file is world readable, enabling local access to sensitive account data and impacting confidentiality. The CVSSv3.1 vector is AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N with a base ...

6.2CVSS6.8AI score0.00228EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/03/20 12:0 a.m.56 views

CVE-2024-22081

CVE-2024-22081 affects Elspec G5 digital fault recorder versions 1.1.4.15 and earlier, with unauthenticated memory corruption possible in the HTTP header parsing mechanism. The issue is described across multiple sources (RH, NVD, Tenable/NASL, CVE lists) as a memory corruption vulnerability explo...

9.8CVSS7.1AI score0.00785EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/03/20 12:0 a.m.56 views

CVE-2024-22077

An issue in Elspec G5 digital fault recorder versions 1.1.4.15 and earlier is reported. The root cause is weak permissions on the SQLite database file, potentially enabling unauthorized access to stored data. Public sources agree on the affected versions and the weak-file-permissions trait, but p...

5.3CVSS6.8AI score0.00482EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.6 views

Elspec G5 digital fault recorder security vulnerability

The Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and earlier, which stems from weak file system...

8.8CVSS7AI score0.00642EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.5 views

Elspec G5 digital fault recorder security vulnerability

Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and earlier, which stems from weak file permissions in...

5.3CVSS6.8AI score0.00482EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.10 views

CVE-2024-22083

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks...

6.9AI score0.00553EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.11 views

CVE-2024-22085

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The shadow file is world readable...

6.9AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2024/03/20 12:0 a.m.61 views

CVE-2024-22084

CVE-2024-22084 affects Elspec G5 digital fault recorder up to version 1.1.4.15, where cleartext passwords and hashes are exposed through log files. Root cause: credentials stored in log output. Impact: potential credential disclosure via logs. Connected sources confirm the vendor advisory and mul...

7.5CVSS6.8AI score0.00393EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.12 views

CVE-2024-22077

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The SQLite database file has weak permissions...

6.9AI score0.00482EPSS
Exploits0References1
CVE
CVE
added 2024/03/20 12:0 a.m.60 views

CVE-2024-22078

CVE-2024-22078 affects Elspec G5 digital fault recorder (versions 1.1.4.15 and earlier). The root cause is weak filesystem permissions on the network configuration script, allowing world-writable access and enabling privilege escalation from a standard user to administrator. Public descriptions c...

8.8CVSS7.2AI score0.00642EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/03/20 12:0 a.m.60 views

CVE-2024-22080

Affected product: Elspec G5 digital fault recorder (versions 1.1.4.15 and earlier). Vulnerability: Unauthenticated memory corruption during XML body parsing. Root cause: memory corruption in XML parsing path. Impact: high confidentiality, integrity, and availability impact (per CVSS 3.1 base metr...

9.8CVSS7.1AI score0.00785EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder