20 matches found
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...
CVE-2025-14466
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...
CVE-2025-14466
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...
CVE-2025-14466
The CVE affects Güralp Fortimus/Minimus/Certimus series web interfaces. An unauthenticated attacker with network access can send specially crafted HTTP requests that cause the web service process to restart, producing a brief denial-of-service during restart. Public documents do not specify techn...
CVE-2025-14466 Güralp Systems Fortimus Series, Minimus Series, and Certimus Series have an Allocation of Resources Without Limits or Throttling vulnerability
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-350-01 Güralp Systems FMUS Fortimus Series and MIN Minimus Series ICSA-25-350-02 Johnson Controls PowerG,...
Güralp Systems 安全漏洞
Güralp Systems is a seismic monitor from Güralp Systems in the United Kingdom. A security vulnerability exists in Güralp Systems, which originates from a specially crafted HTTP request and could result in a denial of service. The following versions are affected: Güralp Systems Fortimus Series,...
CVE-2025-8286
The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...
Güralp Systems FMUS Series - Unauthenticated Access
Güralp Systems FMUS Series Seismic Monitoring Devices expose an unauthenticated Telnet-based command line interface that allows attackers to modify hardware configurations, manipulate data, or factory reset the device. id: CVE-2025-8286 info: name: Güralp Systems FMUS Series - Unauthenticated...
CVE-2025-8286
The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...
CVE-2025-8286 Güralp Systems FMUS Series and MIN Series Devices
The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...
CVE-2025-8286 Güralp Systems Güralp FMUS series Missing Authentication for Critical Function
Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...
PT-2025-31582
Name of the Vulnerable Software and Affected Versions: Güralp FMUS series seismic monitoring devices affected versions not specified Description: The Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface. This could allow an attacker to modify...
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...
Xxe
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...
EUVD-2022-41399
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...
PT-2023-13658 · Güralp · Güralp Man-Eam-0003
Name of the Vulnerable Software and Affected Versions: Güralp MAN-EAM-0003 version 3.2.4 Description: The issue is related to an XML External Entity XXE problem via XML file upload, which can lead to local file disclosure. This occurs in the cgi-bin/xmlstatus.cgi component. Recommendations: For...
CVE-2022-38840
The Güralp MAN-EAM-0003 3.2.4 system is affected by an XML External Entity (XXE) vulnerability in the cgi-bin/xmlstatus.cgi endpoint. An XML file upload can trigger local file disclosure, enabling an unauthenticated attacker to read files on the seismic monitoring system. A fix is to upgrade to a...
MAN-EAM-0003 代码问题漏洞
Güralp Systems MAN-EAM-0003 is a sensor from Güralp Systems. A security vulnerability exists in MAN-EAM-0003 version V3.2.4 that stems from the presence of an XML External Entity Injection XXE vulnerability...