Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.7 views

CVE-2022-38840

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...

7.5CVSS6.6AI score0.09803EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/12/17 10:8 p.m.8 views

CVE-2025-14466

A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...

6.9CVSS6.9AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 10:15 p.m.6 views

CVE-2025-14466

A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...

6.9CVSS0.0034EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 9:31 p.m.11 views

CVE-2025-14466

The CVE affects Güralp Fortimus/Minimus/Certimus series web interfaces. An unauthenticated attacker with network access can send specially crafted HTTP requests that cause the web service process to restart, producing a brief denial-of-service during restart. Public documents do not specify techn...

6.9CVSS6.6AI score0.0034EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/16 9:31 p.m.3 views

CVE-2025-14466 Güralp Systems Fortimus Series, Minimus Series, and Certimus Series have an Allocation of Resources Without Limits or Throttling vulnerability

A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...

6.9CVSS6.6AI score0.0034EPSS
Exploits0References2
CISA
CISA
added 2025/12/16 12:0 p.m.8 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-350-01 Güralp Systems FMUS Fortimus Series and MIN Minimus Series ICSA-25-350-02 Johnson Controls PowerG,...

6.6AI score
Exploits0References6
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.5 views

Güralp Systems 安全漏洞

Güralp Systems is a seismic monitor from Güralp Systems in the United Kingdom. A security vulnerability exists in Güralp Systems, which originates from a specially crafted HTTP request and could result in a denial of service. The following versions are affected: Güralp Systems Fortimus Series,...

6.9CVSS6.6AI score0.0034EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/02 8:22 p.m.7 views

CVE-2025-8286

The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...

9.8CVSS6.5AI score0.01217EPSS
Exploits0References1
Nuclei
Nuclei
added 2025/08/01 1:55 p.m.5 views

Güralp Systems FMUS Series - Unauthenticated Access

Güralp Systems FMUS Series Seismic Monitoring Devices expose an unauthenticated Telnet-based command line interface that allows attackers to modify hardware configurations, manipulate data, or factory reset the device. id: CVE-2025-8286 info: name: Güralp Systems FMUS Series - Unauthenticated...

9.8CVSS7AI score0.01217EPSS
Exploits0References2
NVD
NVD
added 2025/07/31 8:15 p.m.9 views

CVE-2025-8286

The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...

9.3CVSS0.01217EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/31 7:23 p.m.10 views

CVE-2025-8286 Güralp Systems FMUS Series and MIN Series Devices

The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...

9.3CVSS0.01217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/31 7:23 p.m.4 views

CVE-2025-8286 Güralp Systems Güralp FMUS series Missing Authentication for Critical Function

Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device...

9.8CVSS6.8AI score0.01217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.5 views

PT-2025-31582

Name of the Vulnerable Software and Affected Versions: Güralp FMUS series seismic monitoring devices affected versions not specified Description: The Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface. This could allow an attacker to modify...

9.8CVSS6.3AI score0.01217EPSS
Exploits0References9
NVD
NVD
added 2023/04/16 2:15 a.m.44 views

CVE-2022-38840

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...

7.5CVSS7.4AI score0.09803EPSS
Exploits4References2
Prion
Prion
added 2023/04/16 2:15 a.m.16 views

Xxe

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...

5CVSS7.3AI score0.09803EPSS
Exploits4References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/16 12:0 a.m.7 views

CVE-2022-38840

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...

7.4AI score0.09803EPSS
Exploits4References2
EUVD
EUVD
added 2023/04/16 12:0 a.m.7 views

EUVD-2022-41399

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity XXE issue via XML file upload, which leads to local file disclosure...

7.5CVSS7.3AI score0.09803EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2023/04/16 12:0 a.m.5 views

PT-2023-13658 · Güralp · Güralp Man-Eam-0003

Name of the Vulnerable Software and Affected Versions: Güralp MAN-EAM-0003 version 3.2.4 Description: The issue is related to an XML External Entity XXE problem via XML file upload, which can lead to local file disclosure. This occurs in the cgi-bin/xmlstatus.cgi component. Recommendations: For...

7.5CVSS7.2AI score0.09803EPSS
Exploits4References6
CVE
CVE
added 2023/04/16 12:0 a.m.50 views

CVE-2022-38840

The Güralp MAN-EAM-0003 3.2.4 system is affected by an XML External Entity (XXE) vulnerability in the cgi-bin/xmlstatus.cgi endpoint. An XML file upload can trigger local file disclosure, enabling an unauthenticated attacker to read files on the seismic monitoring system. A fix is to upgrade to a...

7.5CVSS7.3AI score0.09803EPSS
In wildExploits4References2Affected Software1
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.5 views

MAN-EAM-0003 代码问题漏洞

Güralp Systems MAN-EAM-0003 is a sensor from Güralp Systems. A security vulnerability exists in MAN-EAM-0003 version V3.2.4 that stems from the presence of an XML External Entity Injection XXE vulnerability...

7.5CVSS7.3AI score0.09803EPSS
Exploits4References4
Rows per page
Query Builder