Lucene search
K

79 matches found

NVD
NVD
added 2023/05/19 5:15 a.m.45 views

CVE-2023-1618

Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and i...

8.6CVSS8.3AI score0.01132EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/19 4:19 a.m.40 views

CVE-2023-1618 Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module

Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and i...

7.5CVSS9AI score0.01132EPSS
Exploits0References3
CVE
CVE
added 2023/05/19 4:19 a.m.53 views

CVE-2023-1618

The vulnerability CVE-2023-1618 affects Mitsubishi Electric MELSEC WS Series WS0-GETH00200 Ethernet interface modules (serial numbers 2310 and prior). The issue is an authentication bypass via a hidden telnet function that is enabled by default at factory, allowing remote unauthenticated access t...

8.6CVSS8.3AI score0.01132EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/04/19 12:0 a.m.66 views

CVE-2023-23451

CVE-2023-23451 affects SICK Flexi Classic and Flexi Soft Gateways (e.g., UE410-EN1/EN3/EN3S04/EN4 and FX0-GENT00000/FX0-GMOD00000/FX0-GPNT00000, including V2 variants) where Telnet is enabled by factory default and no password is set in the default configuration. This creates potential unauthoriz...

9.8CVSS9.4AI score0.00621EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/21 4:15 p.m.5 views

CVE-2023-22920

A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00ABMP.6C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet...

9.8CVSS7.3AI score0.00842EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.6 views

PT-2023-1915 · Zyxel · Zyxel Lte3316-M604 +1

Name of the Vulnerable Software and Affected Versions: Zyxel LTE3316-M604 version V2.00ABMP.6C0 Zyxel LTE3202-M437 affected versions not specified Description: A security misconfiguration vulnerability exists due to a factory default misconfiguration intended for testing purposes. This allows a...

9.8CVSS9.4AI score0.00842EPSS
Exploits0References5
NVD
NVD
added 2022/12/26 5:15 a.m.42 views

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

9.1CVSS0.00631EPSS
Exploits0References1
Prion
Prion
added 2022/12/26 5:15 a.m.26 views

Default configuration

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

6.4CVSS9.2AI score0.00631EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2022/12/26 12:0 a.m.24 views

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

9.4AI score0.00631EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.7 views

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

7.2AI score0.00631EPSS
Exploits0References1
NVD
NVD
added 2022/11/23 2:15 a.m.25 views

CVE-2020-23592

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...

8.8CVSS0.00531EPSS
Exploits0References1
Prion
Prion
added 2022/11/23 2:15 a.m.20 views

Cross site request forgery (csrf)

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...

6.8CVSS8.7AI score0.00531EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/09/27 6:15 p.m.24 views

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

9.1CVSS0.80701EPSS
Exploits4References2
OSV
OSV
added 2021/09/27 6:15 p.m.1 views

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

9.1CVSS5.9AI score0.80701EPSS
Exploits4References2
Prion
Prion
added 2021/09/27 6:15 p.m.19 views

Path traversal

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

6.4CVSS9.2AI score0.80701EPSS
Exploits4References2Affected Software5
CVE
CVE
added 2021/09/27 5:20 p.m.139 views

CVE-2021-20034

CVE-2021-20034 affects SonicWall SMA100 series appliances. The vulnerability is an improper access control that allows a remote, unauthenticated attacker to bypass path traversal checks and delete arbitrary files, potentially causing a reboot to factory defaults. Impacted products include SMA 100...

9.1CVSS9.2AI score0.80701EPSS
Exploits4References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/09/27 12:0 a.m.30 views

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. Recent assessments: jbaines-r7 at October 12, 2021 8:21pm UTC reported: Beyon...

6.4CVSS4.5AI score0.80701EPSS
Exploits4References3
The Hacker News
The Hacker News
added 2021/09/25 5:39 a.m.38 views

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access SMA 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary fil...

9.1CVSS3.1AI score0.80701EPSS
Exploits4
NVD
NVD
added 2021/07/15 4:15 p.m.17 views

CVE-2020-12734

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings...

8.1CVSS0.00941EPSS
Exploits1References2
Prion
Prion
added 2021/07/15 4:15 p.m.17 views

Design/Logic Flaw

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings...

4.8CVSS8AI score0.00941EPSS
Exploits1References2
Rows per page
Query Builder