14 matches found
EUVD-2025-1665
Malicious code in bioql PyPI...
EUVD-2024-48631
Malicious code in bioql PyPI...
CVE-2024-7755
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
CVE-2025-0432
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432 HMS Networks Ewon Flexy 202 Cleartext Transmission of Sensitive Information
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432 HMS Networks Ewon Flexy 202 Cleartext Transmission of Sensitive Information
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432
EWON Flexy 202 exposes credentials by transmitting them in clear text via the device web page when a user is added or credentials are changed. Root cause: lack of encryption/cleartext transmission. Impact: confidentiality of credentials is HIGH. Several sources corroborate the issue; however, no ...
PT-2025-3886 · Hms Industrial Networks · Ewon Flexy 202
Name of the Vulnerable Software and Affected Versions: EWON Flexy 202 affected versions not specified Description: The issue concerns the transmission of user credentials in clear text without encryption when a user is added or user credentials are changed via the device's webpage. This affects t...
CVE-2024-7755
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
CVE-2024-7755 HMS Networks EWON FLEXY 202 Insufficiently Protected Credentials
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
CVE-2024-7755
CVE-2024-7755 affects HMS HMS EWON FLEXY 202 gateway (Firmware Version 14.2s0). The root cause is transmission of credentials using a weak encoding (base64), allowing an attacker on the network to sniff and decode credentials. Impact is credential exposure with potential lateral movement or unsup...
CVE-2024-7755 HMS Networks EWON FLEXY 202 Insufficiently Protected Credentials
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
HMS Networks EWON FLEXY 202
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : HMS Networks Equipment : EWON FLEXY 202 Vulnerability : Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to sniff...
PT-2024-38563 · Unknown · Ewon Flexy 202
Name of the Vulnerable Software and Affected Versions: EWON FLEXY 202 affected versions not specified Description: The issue concerns the transmission of credentials using a weak encoding method, specifically base64. An attacker present in the network can intercept the traffic and decode the...