11 matches found
CVE-2026-22613
The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...
CVE-2026-22613
The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...
CVE-2026-22613
The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...
CVE-2026-22613
The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...
CVE-2026-22613
The CVE-2026-22613 entry pertains to Eaton Network M3 firmware upgrades via command shell, where the server identity check during upgrade is insecure, enabling potential MITM. Affected component: firmware upgrade mechanism; root cause: insecure server identity verification in upgrade flow. Impact...
Eaton Network M3 安全漏洞
Eaton Network M3 is a security network interface card developed by the American company Eaton. There is a security vulnerability in Eaton Network M3, which stems from the insecure mechanism for server identity checks executed through command shells during firmware updates. This vulnerability may...
EUVD-2025-4287
Malicious code in bioql PyPI...
CVE-2025-22495
An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note -...
CVE-2025-22495
An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note -...
CVE-2025-22495
An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note -...
CVE-2025-22495
The CVE-2025-22495 affects the Eaton Network-M2 card, where an improper input validation in the NTP server configuration field can allow an authenticated high-privilege user to execute arbitrary commands. The issue has been fixed in version 3.0.4. Network-M2 is end-of-life; Network-M3 is the reco...