79 matches found
CVE-2023-1618
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and i...
CVE-2023-1618 Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and i...
CVE-2023-1618
The vulnerability CVE-2023-1618 affects Mitsubishi Electric MELSEC WS Series WS0-GETH00200 Ethernet interface modules (serial numbers 2310 and prior). The issue is an authentication bypass via a hidden telnet function that is enabled by default at factory, allowing remote unauthenticated access t...
CVE-2023-23451
CVE-2023-23451 affects SICK Flexi Classic and Flexi Soft Gateways (e.g., UE410-EN1/EN3/EN3S04/EN4 and FX0-GENT00000/FX0-GMOD00000/FX0-GPNT00000, including V2 variants) where Telnet is enabled by factory default and no password is set in the default configuration. This creates potential unauthoriz...
CVE-2023-22920
A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00ABMP.6C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet...
PT-2023-1915 · Zyxel · Zyxel Lte3316-M604 +1
Name of the Vulnerable Software and Affected Versions: Zyxel LTE3316-M604 version V2.00ABMP.6C0 Zyxel LTE3202-M437 affected versions not specified Description: A security misconfiguration vulnerability exists due to a factory default misconfiguration intended for testing purposes. This allows a...
CVE-2022-24118
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...
Default configuration
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...
CVE-2022-24118
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...
CVE-2022-24118
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...
CVE-2020-23592
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...
Cross site request forgery (csrf)
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to Reset ONU to Factory Default through ' /mgmdevreset.asp.' Resetting to default leads to Escalation o...
CVE-2021-20034
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...
CVE-2021-20034
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...
Path traversal
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...
CVE-2021-20034
CVE-2021-20034 affects SonicWall SMA100 series appliances. The vulnerability is an improper access control that allows a remote, unauthenticated attacker to bypass path traversal checks and delete arbitrary files, potentially causing a reboot to factory defaults. Impacted products include SMA 100...
CVE-2021-20034
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. Recent assessments: jbaines-r7 at October 12, 2021 8:21pm UTC reported: Beyon...
SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices
Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access SMA 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary fil...
CVE-2020-12734
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings...
Design/Logic Flaw
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings...