19 matches found
EUVD-2018-18983
Malware in sbrugna...
EUVD-2018-18984
Malware in sbrugna...
EUVD-2018-18982
Malware in sbrugna...
Schneider Electric MGE UPS and MGE STS 66074 MGE Network Management Card Transverse Sensitive Information Vulnerability (CNVD-2018-11132)
The Schneider Electric MGE UPS and MGE STS are both products of the French company Schneider Electric.The Schneider Electric MGE UPS is an uninterruptible power supply unit.The MGE STS is a static toggle switch.66074 MGE Network Management Card Transverse is one of the network management cards...
CVE-2018-7244
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server Port 80/443/TCP of the affected devices could allow a remote attacker to obtain sensitive device information if network...
Design/Logic Flaw
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server Port 80/443/TCP of the affected devices could allow remote attackers to discover an administrative...
CVE-2018-7243
An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server Port 80/443/TCP of the affected devices could allow a remote attacker to get a full access to device, bypassing the...
CVE-2018-7243
An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server Port 80/443/TCP of the affected devices could allow a remote attacker to get a full access to device, bypassing the...
CVE-2018-7246
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server Port 80/443/TCP of the affected devices could allow remote attackers to discover an administrative...
CVE-2018-7245
The CVE-2018-7245 vulnerability affects Schneider Electric’s 66074 MGE Network Management Card Transverse (installed in MGE UPS and MGE STS). Root cause: improper authorization in the device’s integrated web server (HTTP/HTTPS) that could allow an unauthenticated, remote attacker to modify UPS co...
CVE-2018-7244
Schneider Electric 66074 MGE Network Management Card Transverse (in MGE UPS/MGE STS) has an information disclosure vulnerability in its integrated web server (ports 80/443). A remote attacker with network access can obtain sensitive device information. Root cause is information disclosure via the...
CVE-2018-7244
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server Port 80/443/TCP of the affected devices could allow a remote attacker to obtain sensitive device information if network...
CVE-2018-7243
Schneider Electric 66074 MGE Network Management Card Transverse in MGE UPS/MGE STS is affected by CVE-2018-7243, an authorization bypass via the device's integrated web server (ports 80/443/TCP). The vulnerability allows a remote attacker to gain full access to the device by bypassing authenticat...
CVE-2018-7246
CVE-2018-7246 affects Schneider Electric’s 66074 MGE Network Management Card Transverse (SNMP/Web Card) used in MGE UPS and MGE STS. The vulnerability arises from the integrated web server (port 80/443) transmitting sensitive data in cleartext, enabling remote attackers to discover an administrat...
mge.ie XSS vulnerability
Open Bug Bounty ID: OBB-133820 Description| Value ---|--- Affected Website:| mge.ie Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Eaton MGE Network Shutdown Module Remote PHP Code Injection
A remote code execution vulnerability has been reported in Eaton MGE Network Shutdown Module...
EATON MGE Office Protection Systems Network Shutdown Module unauthorized access
Authentication bypass and code execution...
n.runs-SA-2008.009 - Eaton MGE OPS Network Shutdown Module - authentication bypass vulnerability and remote code execution
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.009 27-October-2008 Vendor: Eaton MGE office protection systems Affected Products: Network Shutdown Module version 3.10 Vulnerability: authentication bypass vulnerability and remote code execution Risk: High Vendor communication:...
Eaton Network Shutdown Module绕过认证漏洞
BUGTRAQ ID: 31933 Network Shutdown Module是EATON公司MGE办公保护系统中用于安全关机的软件。 用户无需认证便可以向Network Shutdown Module的MGE前端(paneactionbutton.php)添加自定义操作,包括执行任意命令。 Eaton Network Shutdown Module 3.10 Eaton ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://download.mgeops.com/explore/eng/network/netsol.htm...