16 matches found
EUVD-2014-8168
Malware in sbrugna...
EUVD-2014-5284
Malware in sbrugna...
CVE-2014-8329
Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...
CVE-2014-5396
The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...
CVE-2014-8329
Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...
Improper access control
Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...
CVE-2014-8329
The CVE-2014-8329 entry affects Schrack Technik microControl devices running firmware before 1.7.0 (937). The vulnerability stems from storing sensitive information under the web root with insufficient access control, enabling remote attackers to obtain FTP/Telnet credentials via a direct request...
CVE-2014-8329
Schrack Technik microControl with firmware before 1.7.0 937 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt...
CVE-2014-5396
The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...
Hardcoded credentials
The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...
CVE-2014-5396
The CVE-2014-5396 issue affects Schrack Technik microControl web interface on firmware versions before 1.7.0 (937). The root cause is a hardcoded password for the user account, enabling remote access via unspecified vectors. The connected sources reiterate the same description; no explicit fix or...
CVE-2014-5396
The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...
CVE-2014-5382
Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...
CVE-2014-5382
Multiple cross-site scripting XSS vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 937 allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors...
CVE-2014-5382
Schrack Technik microControl firmware 1.7.0 (937) web interface contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors. The issue is documented in CVE-2014-5382 and af...