10 matches found
Command Execution Vulnerability in Multiple Advantech Products
The Advantech WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN are all industrial automation controllers from Advantech of Taiwan, China. A command execution vulnerability exists in multiple Advantech products, which can be exploited by an attacker to remotely control a relay channel...
CVE-2025-48466 Modbus Command Injection without Authentication
Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...
Advantech多款产品 安全漏洞
The Advantech WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN are all industrial automation controllers from Advantech of Taiwan, China. A command execution vulnerability exists in multiple Advantech products, which can be exploited by an attacker to remotely control a relay channel...
CVE-2024-5559
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device...
CVE-2024-5559
CVE-2024-5559 is a CWE-327 vulnerability described in multiple sources as a cryptographic algorithm weakness that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the Schneider El...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
CVE-2022-43704 affects Sinilink XY-WFT1 WiFi Remote Thermostat (firmware 1.3.6). The issue allows an attacker to bypass the requirement to use MQTT and replay SINILINK521 protocol commands over UDP/1024, interfacing directly with the device to control the onboard relay without mobile-app authenti...
Sinilink XY-WFT1 WiFi Remote Thermostat 安全漏洞
Sinilink XY-WFT1 WiFi Remote Thermostat is a remote thermostat from Sinilink. A security vulnerability exists in the Sinilink XY-WFT1 WiFi Remote Thermostat version 1.3.6, which stems from the lack of need to authenticate via a mobile application, allowing an attacker to bypass the expected...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...