16 matches found
EUVD-2016-6726
Malware in sbrugna...
EUVD-2016-6724
Malware in sbrugna...
The vulnerability of the TCP/IP software for the JanTek JTC-200 converter, related to deficiencies in authentication procedures, allows a hacker to gain access to the BusyBox Linux shell.
The vulnerability of the TCP/IP microprogramming software of the JanTek JTC-200 converter is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to the BusyBox Linux shell using the Teln...
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication Vulnerability
JanTek JTC-200 RS232-NET Connector suffers from cross site request forgery and missing authentication vulnerabilities...
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication
Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication Advisory URL: https://ipositivesecurity.com/2017/10/28/ics-jantek-jtc-200-rs232-net-converter-advisory-published/ ICS-CERT Advisory https://ics-cert.us-cert.gov/advisories/ICSA-17-283-02 CVE-ID...
JanTek JTC-200 Unauthorized Access Vulnerability
JanTek JTC-200 is a TCP/IP converter serial server from Taito JanTek Technology. An unauthorized access vulnerability exists in the JanTek JTC-200. An attacker can access the Busybox Linux shell via Telnet service without any authentication...
JanTek JTC-200 Cross-Site Request Forgery Vulnerability
JanTek JTC-200 is a TCP/IP converter serial server from Taito JanTek Technology. A cross-site request forgery vulnerability exists in the JanTek JTC-200. A remote attacker can exploit this vulnerability to perform unauthorized actions as a user...
CVE-2016-5791
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
Authentication flaw
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
CVE-2016-5789
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
Cross site request forgery (csrf)
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
CVE-2016-5791
The CVE-2016-5791 entry concerns JanTek JTC-200 (TCP/IP converter). The connected advisory confirms two vulnerabilities: (1) Cross-Site Request Forgery (CSRF) and (2) Improper Authentication that lets an unauthenticated user access an undocumented BusyBox shell over Telnet. All JTC-200 versions a...
CVE-2016-5789
The CVE-2016-5789 entry affects the JanTek JTC-200 all-versions TCP/IP converter. Connected sources confirm two adjacent issues: Cross-Site Request Forgery (CSRF) and Improper Authentication. CSRF enables an attacker to perform actions with the victim’s active session; Improper Authentication cou...
CVE-2016-5791
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication...
CVE-2016-5789
A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request...
JanTek JTC-200
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication AFFECTED PRODUCTS The following versions of JTC-200, a TCP/IP converter, are affected:...