CVE-2024-41796

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices allows to change the login password without knowing the current password. In combination with a prepared CSRF attack CVE-2024-41795 an unauthenticated attacker could be able...

CVE-2024-41791

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not authenticate report creation requests. This could allow an unauthenticated remote attacker to read or clear the log files on the device, reset the device or set the...

CVE-2024-41789

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...

CVE-2024-41794

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they ar...

EUVD-2025-10328

Malicious code in bioql PyPI...

Siemens SENTRON 7KT PAC1260 Data Manager Trust Management Issue Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...

Siemens SENTRON 7KT PAC1260 Data Manager OS Command Injection Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the input parameter of a specific GET request, whic...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional instrument for measuring parameters of electrical circuits, allows a hacker to gain access to read, modify, and delete data.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain access to read, modify, and delet...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement devices for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to t...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to perform a CSRF attack.

The vulnerability of the Data Manager component in the microprogramming software for multifunctional measurement instruments for measuring electrical network parameters from Siemens SENTRON 7KT PAC1260 is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a...

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on April 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-100-01 Siemens License Server ICSA-25-100-02 Siemens SIDIS Prime ICSA-25-100-03 Siemens...

CVE-2024-41788

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 lies in the lack of measures to neutralize special elements, allowing a violator to execute arbitrary codes.

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow a remote attacker to...

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 lies in the lack of measures to neutralize special elements, allowing a violator to execute arbitrary codes.

The vulnerability of the software for multifunctional measuring instruments used to measure parameters of electrical networks from Siemens SENTRON 7KT PAC1260 is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow a remote attacker to...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.

The vulnerability of the Data Manager component in the microprogramming software for multifunctional measurement devices for measuring electrical network parameters from Siemens SENTRON 7KT PAC1260 is related to the use of rigidly encrypted account data. Exploiting this vulnerability can allow an...

CVE-2024-41794

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they ar...

CVE-2024-41793

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device...

CVE-2024-41789

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...

CVE-2024-41790

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...