CVE-2023-23545

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

CVE-2023-23545

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger...

Multiple vulnerabilities in T&D and ESPEC MIC data logger products

Overview Multiple data logger products provided by T Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Improper authentication CWE-287 - CVE-2023-27388 Missing authentication for critical functio...

JVN#14778242: Multiple vulnerabilities in T&D and ESPEC MIC data logger products

Multiple data logger products provided by T&D Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. Client-side enforcement of server-side security CWE-602 - CVE-2023-22654 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N| Base...

CVE-2023-23444

CVE-2023-23444 affects SICK Flexi Classic and Flexi Soft Gateways with partnumbers: 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597. The issue is a missing authentication for a critical function that al...

CVE-2023-23906

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product...

CVE-2023-23906

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product...

CVE-2023-22441

Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versio...

CVE-2023-22441

Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versio...

PT-2023-18499 · Seiko Solutions · Seiko Solutions Skybridge Mb-A200 +1

Name of the Vulnerable Software and Affected Versions: Seiko Solutions SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier Seiko Solutions SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier Description: A missing authentication issue for a critical function exists in the Seiko Solutions...

CVE-2023-22441

CVE-2023-22441 affects Seiko Solutions SkyBridge MB‑A200 (firmware 01.00.05 and earlier) and SkyBridge BASIC MB‑A130 (firmware 1.4.1 and earlier). The root cause is missing authentication for critical function (CWE-306), enabling a remote attacker to obtain or alter product settings or perform cr...

Siemens SICAM P850 and SICAM P855 Missing Authentication For Critical Function (CVE-2022-29879)

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical devic...

Siemens SICAM P850 and SICAM P855 Missing Authentication For Critical Function (CVE-2022-29877)

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings...

Siemens SICAM P850 and SICAM P855 Missing Authentication For Critical Function (CVE-2022-29881)

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal...

CVE-2023-22813

A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS...

WordPress plugin AI ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Authentication flaw

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...

CVE-2023-20126 Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...

PT-2023-8263 · Nvidia · Nvidia Dgx H100 Bmc

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 BMC affected versions not specified Description: The issue is related to a missing authentication problem for a critical function in the NVIDIA DGX A100 BMC, which can be exploited by an adjacent network. A successful exploit...

CVE-2023-2231

A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1TBRO20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed t...