Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2019/01/03 10:29 p.m.12 views

CVE-2018-18995

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing...

9.8CVSS9.7AI score0.01317EPSS
Exploits0References2
Prion
Prionadded 2019/01/03 10:29 p.m.13 views

Authentication flaw

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing...

7.5CVSS9.6AI score0.01317EPSS
Exploits0References2
Prion
Prionadded 2019/01/03 10:29 p.m.18 views

Hardcoded credentials

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visit...

4.3CVSS6.9AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelistadded 2019/01/03 10:0 p.m.20 views

CVE-2018-18997

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visit...

6.3AI score0.00255EPSS
Exploits0References2
CVE
CVEadded 2019/01/03 10:0 p.m.56 views

CVE-2018-18995

CVE-2018-18995 affects ABB GATE-E1 and GATE-E2 Gateway Ethernet devices used in Pluto Safety PLC systems. The vulnerability is described as Missing Authentication for Critical Function : administration interfaces (Telnet/Web) accept no authentication, enabling an unauthenticated attacker to acces...

9.8CVSS9.5AI score0.01317EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/01/03 10:0 p.m.15 views

CVE-2018-18995

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing...

9.7AI score0.01317EPSS
Exploits0References2
CVE
CVEadded 2019/01/03 10:0 p.m.53 views

CVE-2018-18997

The CVE-2018-18997 issue affects ABB GATE-E1 and GATE-E2 gateway Ethernet devices used in Pluto Safety PLC systems. The vulnerability stems from Improper Neutralization of Input During Web Page Generation (CWE-79): via the administrative web interface, an unauthenticated attacker can insert an HT...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References2Affected Software1
ICS
ICSadded 2018/12/18 12:0 a.m.51 views

ABB GATE-E2

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: GATE-E2 Vulnerabilities: Missing Authentication for Critical Function, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

9.8CVSS8.2AI score0.01317EPSS
Exploits0References5
Rows per page
Query Builder