Zigor Corporación ZGR TPS200 NG 安全漏洞

The Zigor Corporación ZGR TPS200 NG is a rectifier for battery chargers from the Spanish company Zigor Corporación. Capable of managing sealed lead-acid or lithium batteries for industrial applications, remote control for substations and remote control of cellular phones, as well as applications...

PT-2022-9066 · Unknown · Zgr Tps200 Ng

Name of the Vulnerable Software and Affected Versions: ZGR TPS200 NG version 2.00 firmware and 1.01 hardware Description: The issue allows an attacker with access to the network where the affected asset is located to operate and change several parameters without having to be registered as a user ...

Missing Signature Verification Leads To Critical Parameter Changes

Lines of code Vulnerability details Impact During the code review, It has been observed that, signature verification is commented out in the protocol. Without off-chain signature verification, an attacker is able to edit parameters in the protocol Proof of Concept 1. Navigate to the following...

CVE-2021-35053

CVE-2021-35053 is described across multiple connected sources as a denial-of-service risk tied to arbitrary changes of Firefox browser parameter files that can lead to the system failing to boot after a reboot. The documents do not provide explicit affected Firefox versions, a concrete root-cause...

CVE-2021-22722

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Stored Cross-site Scripting' vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all...

PT-2021-19569 · Siemens · Sinamics Starter +3

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions V8.2 and earlier SIMATIC PCS 7 versions prior to V9.1 SP2 SIMATIC PDM versions prior to V9.2 SP2 SIMATIC STEP 7 versions prior to V5.7 SINAMICS STARTER versions prior to V5.4 SP2 HF1 Description: A vulnerability has bee...

Huawei Mobile Product Input Validation Vulnerability

The Huawei Vicky-AL00A/Victoria-AL00A/Warsaw-AL00 is a smartphone from the Chinese company Huawei Huawei. An input validation vulnerability exists in the Bastet of the Huawei Vicky-AL00A/Victoria-AL00A/Warsaw-AL00 phones due to a lack of parameter checking. An attacker can trick the user into...

CVE-2017-5672

Kony Enterprise Mobile Management EMM before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request...

CVE-2017-5165

CVE-2017-5165 affects the BINOM3 Universal Multifunctional Electric Power Quality Meter. The issue is a lack of CSRF protection (no CSRF token per page/sensitive function), which could allow a remote attacker to perform silent, unauthorized actions such as changing configuration and saving modifi...

Security Bypass Vulnerabilities in Multiple Moxa Products

Moxa ioLogik E1210 and others are Moxa's remote Ethernet I/O products that provide bridge monitoring. A security vulnerability exists in several Moxa products. A remote attacker could exploit the vulnerability to execute arbitrary code, modify parameters and settings, or reboot the device...

CVE-2016-5807

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request...