12 matches found
EUVD-2019-18490
Malware in sbrugna...
EUVD-2019-18491
Malware in sbrugna...
CVE-2019-9106
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php...
SAET Impianti Speciali TEBE Small WebApp Path Traversal Vulnerability
SAET Impianti Speciali TEBE Small is a physical access control system from the Italian company SAET. webApp is one of the web-based management programs. A path traversal vulnerability exists in WebApp version v04.68 in SAET Impianti Speciali TEBE Small 05.01 build 1137, which can be exploited by ...
CVE-2019-9106
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php...
CVE-2019-9105
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...
CVE-2019-9105
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...
Authentication flaw
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...
CVE-2019-9106
The CVE-2019-9106 vulnerability affects WebApp v04.68 in the SAET Impianti Speciali TEBE Small 05.01 build 1137 supervisor. It enables remote attackers to execute or include local PHP files, demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php. Root cause i...
CVE-2019-9106
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php...
CVE-2019-9105
The CVE-2019-9105 entry concerns WebApp v04.68 on SAET Impianti Speciali TEBE Small 05.01 build 1137 shown as vulnerable to unauthenticated API calls, demonstrated by returning password hashes via inc/utils/REST_API.php?command=CallAPI&customurl=alladminusers. Connected documents corroborate an a...
CVE-2019-9105
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...