CVE-2024-22894

An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file...

Code injection

An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file...

CVE-2024-22894

An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file...

Alpha Innotec Heatpumps Encryption Issues Vulnerabilities

Alpha Innotec Heatpumps is a heat pump from Alpha Innotec. A cryptographic issue vulnerability exists in Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 version and Novelan Heatpumps wp2reg-V.3.88.0-9015 version. A remote attacker could use this vulnerability to execute arbitrary code via the passwo...

CVE-2024-22894

CVE-2024-22894 affects AIT-Deutschland Alpha Innotec Heatpumps (V2.88.3+, V3.89.0+, V4.81.3+) and Novelan Heatpumps (V2.88.3+, V3.89.0+, V4.81.3+). The root cause is hardcoded credentials in the wp2reg-V3.88.0-9015 file, enabling remote attackers to execute arbitrary code via the password compone...

PT-2024-1304 · Alpha Innotec +1 · Alpha Innotec Heatpumps +1

Name of the Vulnerable Software and Affected Versions: Alpha Innotec Heatpumps versions prior to V2.88.3 Alpha Innotec Heatpumps versions prior to V3.89.0 Alpha Innotec Heatpumps versions prior to V4.81.3 Novelan Heatpumps versions prior to V2.88.3 Novelan Heatpumps versions prior to V3.89.0...