EUVD-2014-5284

Malware in sbrugna...

CVE-2014-8329

Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...

CVE-2014-5396

The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...

SQL Injection Vulnerability in Microcontrol Smart Cafeteria Management System of Shenzhen Microcontrol One Finger Technology Co.

Shenzhen Micro-control One Finger Technology is a value-integrated enterprise that aspires to biometrics technology research as well as applied product development, production, consulting, sales and service. Shenzhen Micro-control One Finger Technology Co., Ltd Micro-control Smart Cafeteria...

CVE-2014-8329

Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...

Improper access control

Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...

CVE-2014-8329

The CVE-2014-8329 entry affects Schrack Technik microControl devices running firmware before 1.7.0 (937). The vulnerability stems from storing sensitive information under the web root with insufficient access control, enabling remote attackers to obtain FTP/Telnet credentials via a direct request...

CVE-2014-8329

Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...

Schrack MICROCONTROL multiple security vulnerabilities

Multiple bugs in web interface...

SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system

SEC Consult Vulnerability Lab Security Advisory 20140710-2 ======================================================================= title: Multiple critical vulnerabilites product: Schrack MICROCONTROL emergency light system vulnerable version: before 1.7.0 937 fixed version: 1.7.0 937 impact:...

CVE-2014-5396

The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-5396

The CVE-2014-5396 issue affects Schrack Technik microControl web interface on firmware versions before 1.7.0 (937). The root cause is a hardcoded password for the user account, enabling remote access via unspecified vectors. The connected sources reiterate the same description; no explicit fix or...

CVE-2014-5382

Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...

CVE-2014-5382

Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...

CVE-2014-5382

Schrack Technik microControl firmware 1.7.0 (937) web interface contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors. The issue is documented in CVE-2014-5382 and af...

Schrack MICROCONTROL XSS / Disclosure / Weak Default Password

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilites product: Schrack MICROCONTROL emergency light system vulnerable version: before 1.7.0 937 fixed version: 1.7.0 937 impact: critical...