CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

878 matches found

OSV•added 2022/12/26 5:15 a.m.•1 views

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

9.1CVSS5.8AI score0.00257EPSS

Exploits0References1

OSV•added 2022/12/26 5:15 a.m.•1 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

4.6CVSS5.8AI score0.00047EPSS

Exploits0References1

OSV•added 2022/12/26 5:15 a.m.•0 views

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2022/12/26 5:15 a.m.•16 views

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

9.8CVSS0.00081EPSS

Exploits0References1

Prion•added 2022/12/26 5:15 a.m.•15 views

Default credentials

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

2.1CVSS5.8AI score0.00047EPSS

Exploits0References1Affected Software8

Prion•added 2022/12/26 5:15 a.m.•20 views

Design/Logic Flaw

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...

7.5CVSS9.5AI score0.0035EPSS

Exploits0References1Affected Software8

Prion•added 2022/12/26 5:15 a.m.•18 views

Code injection

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

7.5CVSS9.4AI score0.00081EPSS

Exploits0References1Affected Software8

Prion•added 2022/12/26 5:15 a.m.•18 views

Design/Logic Flaw

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

7.5CVSS9.4AI score0.00115EPSS

Exploits0References1Affected Software8

Prion•added 2022/12/26 5:15 a.m.•13 views

Default configuration

6.4CVSS9.2AI score0.00257EPSS

Exploits0References1Affected Software8

Cvelist•added 2022/12/26 12:0 a.m.•20 views

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

9.7AI score0.00081EPSS

Exploits0References1

Vulnrichment•added 2022/12/26 12:0 a.m.•5 views

CVE-2022-24118

7.2AI score0.00257EPSS

Exploits0References1

Vulnrichment•added 2022/12/26 12:0 a.m.•5 views

CVE-2022-24119

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...

7.1AI score0.0035EPSS

Exploits0References1

Vulnrichment•added 2022/12/26 12:0 a.m.•6 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

6.9AI score0.00047EPSS

Exploits0References1

Cvelist•added 2022/12/26 12:0 a.m.•21 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

5.1AI score0.00047EPSS

Exploits0References1

Vulnrichment•added 2022/12/26 12:0 a.m.•7 views

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

6.9AI score0.00081EPSS

Exploits0References1

CVE•added 2022/12/26 12:0 a.m.•62 views

CVE-2022-24116

CVE-2022-24116: In General Electric Renewable Energy iNET and iNET II radios, inadequate encryption strength (CWE-326) is reported for firmware prior to rev. 8.3.0. The affected products include iNET/iNET II, with other GE radios (SD/TD220X/TD220MAX) affected in the broader advisory context. The ...

9.8CVSS9.4AI score0.00081EPSS

Exploits0References1Affected Software1

CVE•added 2022/12/26 12:0 a.m.•59 views

CVE-2022-24120

CVE-2022-24120 affects General Electric Renewable Energy iNET and iNET II radios (prior to firmware 8.3.0). The root cause is plaintext (cleartext) storage of credentials in the device flash memory, exposing sensitive data on affected systems. Impact is confidentiality risk (C:H) with vector like...

4.6CVSS4.8AI score0.00047EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2022/12/01 12:0 a.m.•3 views

PT-2022-27143 · Gl.Inet · Gl.Inet Goodcloud

Name of the Vulnerable Software and Affected Versions: GL.iNet Goodcloud version 1.0 Description: The issue is related to an insecure design in the software, which allows a remote attacker to access the devices' admin panel. Recommendations: For GL.iNet Goodcloud version 1.0, consider restricting...

5.9CVSS7.2AI score0.00286EPSS

Exploits0References4

CNNVD•added 2022/12/01 12:0 a.m.•2 views

GL.iNet GoodCloud 安全漏洞

GL.iNet GoodCloud is an IoT device management system from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in GL.iNet GoodCloud version 1.0. An attacker can access the device's management panel by exploiting the vulnerability...

5.9CVSS6AI score0.00286EPSS

Exploits0References3