5 matches found
CVE-2024-52285
A vulnerability has been identified in SiPass integrated AC5102 ACC-G2 All versions V6.4.8, SiPass integrated ACC-AP All versions V6.4.8. Affected devices expose several MQTT URLs without authentication. This could allow an unauthenticated remote attacker to access sensitive data...
CVE-2025-27494
A vulnerability has been identified in SiPass integrated AC5102 ACC-G2 All versions V6.4.9, SiPass integrated ACC-AP All versions V6.4.9. Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileg...
CVE-2025-27494
A vulnerability has been identified in SiPass integrated AC5102 ACC-G2 All versions V6.4.9, SiPass integrated ACC-AP All versions V6.4.9. Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileg...
CVE-2025-27493
The CVE-2025-27493 entry concerns Siemens SiPass integrated AC5102 (ACC-G2) and ACC-AP, with all versions prior to V6.4.9 affected. The root cause is improper sanitization of user input for telnet commands on the device CLI, enabling an authenticated local administrator to inject and execute arbi...
CVE-2024-52285
A vulnerability has been identified in SiPass integrated AC5102 ACC-G2 All versions V6.4.8, SiPass integrated ACC-AP All versions V6.4.8. Affected devices expose several MQTT URLs without authentication. This could allow an unauthenticated remote attacker to access sensitive data...