15 matches found
CVE-2020-15484
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering...
Meinberg LANTIME Arbitrary File Read (CVE-2018-10834)
Admin and info users were able to read data through the data upload mechanism to which only root users have access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
CVE-2020-15485
The CVE-2020-15485 issue affects Nescomed Multipara Monitor M1000 devices, where the onboard Flash memory stores data in cleartext without integrity protection against tampering. This impacts confidentiality (data exposed) but not integrity/availability of the device according to the provided det...
CVE-2020-15485
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory stores data in cleartext, without integrity protection against tampering...
CVE-2020-15483
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port provides a shell, without requiring a password, with complete access...
CVE-2020-15482
CVE-2020-15482 concerns Nescomed Multipara Monitor M1000 devices, where an unencrypted TELNET service is enabled by default with a blank admin password, enabling an attacker on the local network to gain root access. The available connected sources corroborate the issue across multiple references ...
CVE-2020-15483
CVE-2020-15483 affects Nescomed Multipara Monitor M1000 devices. The issue is a passwordless, full-access shell via the physical UART debug port, granting local/physical access with high impact on confidentiality, integrity, and availability. Public documentation in NVD/Red Hat confirms the UART ...
CVE-2020-15484
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering...
Code injection
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering...
CVE-2020-15484
The CVE-2020-15484 issue affects Nescomed Multipara Monitor M1000 devices, where the underlying Linux system stores data in cleartext with no integrity protection. The risk is limited to data confidentiality and tampering protection within the device’s storage; the reports do not provide exploit ...
Meinberg Funkuhren Lantime M300 and Meinberg Funkuhren Lantime M1000 Command Injection Vulnerabilities
The Meinberg Funkuhren Lantime M300 and the Meinberg Funkuhren Lantime M1000 are both rack-mounted time servers from Meinberg Funkuhren in Germany. A security vulnerability exists in the Meinberg Funkuhren Lantime M300 and Meinberg Funkuhren Lantime M1000. The vulnerability can be exploited to...
CVE-2020-7240
Affected: Meinberg Lantime M300 and M1000 devices. Vulnerability: remote code execution by editing the /config/netconf.cmd (Extended Network Configuration) script via a webUI function accessible to fully authenticated super-users. Root cause: webUI allows editing a script that executes OS command...
CVE-2020-7240
Meinberg Lantime M300 and M1000 devices allow attackers with privileges to configure a device to execute arbitrary OS commands by editing the /config/netconf.cmd script aka Extended Network Configuration. Note: According to the description, the vulnerability requires a fully authenticated...
PT-2020-19490 · Meinberg · Meinberg Lantime M300 +1
Name of the Vulnerable Software and Affected Versions: Meinberg Lantime M300 and M1000 devices affected versions not specified Description: The issue allows attackers with privileges to configure a device to execute arbitrary OS commands by editing the /config/netconf.cmd script, also known as...
Foba Fiber Laser Marking Machine M1000
Binary data 764785.prm...