15 matches found
EUVD-2016-6726
Malware in sbrugna...
EUVD-2016-6724
Malware in sbrugna...
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication Vulnerability
JanTek JTC-200 RS232-NET Connector suffers from cross site request forgery and missing authentication vulnerabilities...
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication
Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication Advisory URL: https://ipositivesecurity.com/2017/10/28/ics-jantek-jtc-200-rs232-net-converter-advisory-published/ ICS-CERT Advisory https://ics-cert.us-cert.gov/advisories/ICSA-17-283-02 CVE-ID...
JanTek JTC-200 Cross-Site Request Forgery Vulnerability
JanTek JTC-200 is a TCP/IP converter serial server from Taito JanTek Technology. A cross-site request forgery vulnerability exists in the JanTek JTC-200. A remote attacker can exploit this vulnerability to perform unauthorized actions as a user...
JanTek JTC-200 Unauthorized Access Vulnerability
JanTek JTC-200 is a TCP/IP converter serial server from Taito JanTek Technology. An unauthorized access vulnerability exists in the JanTek JTC-200. An attacker can access the Busybox Linux shell via Telnet service without any authentication...
Authentication flaw
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
CVE-2016-5791
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
CVE-2016-5789
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
Cross site request forgery (csrf)
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
CVE-2016-5789
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
CVE-2016-5789
The CVE-2016-5789 entry affects the JanTek JTC-200 all-versions TCP/IP converter. Connected sources confirm two adjacent issues: Cross-Site Request Forgery (CSRF) and Improper Authentication. CSRF enables an attacker to perform actions with the victim’s active session; Improper Authentication cou...
CVE-2016-5791
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
CVE-2016-5791
The CVE-2016-5791 entry concerns JanTek JTC-200 (TCP/IP converter). The connected advisory confirms two vulnerabilities: (1) Cross-Site Request Forgery (CSRF) and (2) Improper Authentication that lets an unauthenticated user access an undocumented BusyBox shell over Telnet. All JTC-200 versions a...
JanTek JTC-200
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication AFFECTED PRODUCTS The following versions of JTC-200, a TCP/IP converter, are affected:...