EUVD-2023-42902

Malicious code in bioql PyPI...

EUVD-2023-42906

Malicious code in bioql PyPI...

CVE-2023-39171

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...

CVE-2023-39171

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...

CVE-2023-39171 SENEC Storage Box V1,V2 and V3 accidentially expose a management interface

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...

CVE-2023-39171

CVE-2023-39171 affects SENEC Storage Box V1, V2 and V3, where the management UI is exposed publicly with known admin credentials. The common description across sources confirms an unauthorized admin access risk due to credentials exposure, enabling administration UI access. The CVSS v3.1 base sco...

CVE-2023-39167

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...

CVE-2023-39167

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...

CVE-2023-39167 SENEC: Storage Box V1,V2 and V3 affected by improper access control vulnerability

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...

CVE-2023-39172 SENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencrypted

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic...

PT-2023-26823 · Senec +1 · Storage Box V1 +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns devices that use publicly available default credentials with administrative privileges. This allows unauthorized access with elevated...

PT-2023-26821 · Senec · Senec Storage Box

Name of the Vulnerable Software and Affected Versions: SENEC Storage Box versions V1, V2, and V3 Description: An unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. Recommendations: For versions V1, V2, and V3, restrict access to the logfiles to prevent...

EnBw SENEC Legacy Storage Box Security Vulnerability

EnBw SENEC Legacy Storage Box is a series of storage boxes from EnBw Germany. A security vulnerability exists in EnBw SENEC Legacy Storage Box versions V1 through V3, which stems from the use of publicly available default credentials with administrative privileges...

PT-2023-26827 · Senec +1 · Storage Box V1 +3

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows a remote unauthenticated attacker to capture and modify network traffic because sensitive information is transmitted unencrypted. Recommendations: At the moment, there is ...

EnBw SENEC Legacy Storage Box Access Control Error Vulnerability

EnBw SENEC Legacy Storage Box is a series of storage boxes from EnBw Germany. An Access Control Error vulnerability exists in EnBw SENEC legacy storage Box versions V1 through V3, which stems from improper access control and leads to log disclosure...

EnBw SENEC Legacy Storage Box Log Disclosure

Advisory ID: Ph0s-2023-001 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-284: Improper Access Control Risk Level: CVSS v3.1 Vector:...

EnBw SENEC Legacy Storage Box Default Credentials

Advisory ID: Ph0s-2023-004 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-1392: Use of Default Credentials Risk Level: CVSS v3.1 Vector:...

EnBw SENEC Legacy Storage Box Exposed Interface

Advisory ID: Ph0s-2023-005 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints Risk Level:...

EnBw SENEC Legacy Storage Box Hardcoded Credentials

Advisory ID: Ph0s-2023-003 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-798: Use of...

EnBw SENEC Legacy Storage Box Information Disclosure

Advisory ID: Ph0s-2023-002 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Risk Level: CVSS v3.1...