315 matches found
CVE-2025-46738
An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...
CVE-2025-46750 Authentication Bypass
SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set...
CVE-2025-46738 Deserialization of Untrusted Data
An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...
CVE-2025-46738 Deserialization of Untrusted Data
An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...
CVE-2025-46738
CVE-2025-46738 affects Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software. An authenticated attacker can modify layout data files located in the SEL-5033 installation directory to execute arbitrary code. This is a local access vulnerability with low privileges required and use...
PT-2025-20722 · Sel Bios · Sel Bios
Name of the Vulnerable Software and Affected Versions: SEL BIOS packages versions prior to 1.3.49152.117 SEL BIOS packages versions prior to 2.6.49152.98 Description: A local attacker can bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file...
PT-2025-20720 · Schweitzer Engineering Laboratories · Sel Blueframe Os
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An issue exists where an authenticated user can change their password without needing to provide the current password. Recommendations: At the moment, there is no information about a newer...
PT-2025-20709 · Schweitzer Engineering Laboratories · Sel-5037 Sel Grid Configurator
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-5037 Grid Configurator versions prior to 6.4.0.58 Description: The issue is related to an overly permissive Cross Origin Resource Sharing CORS configuration for a data gateway service in the application...
PT-2025-20710 · Sel-5033 · Sel-5033
Name of the Vulnerable Software and Affected Versions: SEL-5033 affected versions not specified Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. Recommendations: At the moment, there is no information...
The vulnerability of the init_sel_fs() function in the security/selinux/selinuxfs.c module of the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the initselfs function in the security/selinux/selinuxfs.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-39799
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...
CVE-2024-39803
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-39798
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...
PT-2025-2580 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the qos.cgi qos settings functionality. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...
WAVLINK AC3000 安全漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability, which is caused by the selmode parameter of the qos.cgi qossettings function failing to properly validate the length of the input data, which can be exploited by an...
CVE-2024-2103
Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...
CVE-2024-2103
CVE-2024-2103 covers an “inclusion of undocumented features” vulnerability affecting SEL relays: SEL-700BT, SEL-700G, SEL-710-5, SEL-751, SEL-787-2/ -3/ -4, and SEL-787Z. The issue arises when an attacker with privileged access can trigger undocumented features, causing the relay to behave unpred...
Schweitzer Engineering Laboratories SEL 700 series relays
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL 700 series relays Vulnerability : Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability...
The vulnerability of the microprogrammed protection system for the SEL-451 phase-change order relay exists due to an unreliable authentication mechanism. This allows attackers to execute session hijacking attacks and bypass the authentication process.
The vulnerability of the SEL-451 phase-changing protection relay’s microprogramming software exists due to an unreliable authentication mechanism. Exploiting this vulnerability allows a malicious actor to perform session hijacking attacks and bypass the authentication process...
Schweitzer Engineering Laboratories SEL-411L Input Validation Error Vulnerability
The Schweitzer Engineering Laboratories SEL-411L is a state-of-the-art line differential protection, automation and control system from Schweitzer Engineering Laboratories, USA. An input validation error vulnerability exists in the Schweitzer Engineering Laboratories SEL-411L, which can be...