20 matches found
EUVD-2023-42902
Malicious code in bioql PyPI...
EUVD-2023-42906
Malicious code in bioql PyPI...
CVE-2023-39171
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
Command injection
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171 SENEC Storage Box V1,V2 and V3 accidentially expose a management interface
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials...
CVE-2023-39171
CVE-2023-39171 affects SENEC Storage Box V1, V2 and V3, where the management UI is exposed publicly with known admin credentials. The common description across sources confirms an unauthorized admin access risk due to credentials exposure, enabling administration UI access. The CVSS v3.1 base sco...
CVE-2023-39167
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39167
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
Code injection
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39169 SENEC: Storage Box V1,V2 and V3 using default credentials
The affected devices use publicly available default credentials with administrative privileges...
CVE-2023-39167 SENEC: Storage Box V1,V2 and V3 affected by improper access control vulnerability
In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data...
CVE-2023-39172 SENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencrypted
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic...
EnBw SENEC Legacy Storage Box Security Vulnerability
The EnBw SENEC Legacy Storage Box is a series of storage boxes from the German company EnBw. A security vulnerability exists in EnBw SENEC Legacy Storage Box versions V1, V2, and V3, which stems from an administrator credentials disclosure, and can be exploited by an attacker to gain access to th...
PT-2023-26821 · Senec · Senec Storage Box
Name of the Vulnerable Software and Affected Versions: SENEC Storage Box versions V1, V2, and V3 Description: An unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. Recommendations: For versions V1, V2, and V3, restrict access to the logfiles to prevent...
PT-2023-26823 · Senec +1 · Storage Box V1 +3
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns devices that use publicly available default credentials with administrative privileges. This allows unauthorized access with elevated...
PT-2023-26827 · Senec +1 · Storage Box V1 +3
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows a remote unauthenticated attacker to capture and modify network traffic because sensitive information is transmitted unencrypted. Recommendations: At the moment, there is ...
EnBw SENEC Legacy Storage Box Access Control Error Vulnerability
EnBw SENEC Legacy Storage Box is a series of storage boxes from EnBw Germany. An Access Control Error vulnerability exists in EnBw SENEC legacy storage Box versions V1 through V3, which stems from improper access control and leads to log disclosure...
EnBw SENEC Legacy Storage Box Log Disclosure
Advisory ID: Ph0s-2023-001 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-284: Improper Access Control Risk Level: CVSS v3.1 Vector:...
EnBw SENEC Legacy Storage Box Information Disclosure
Advisory ID: Ph0s-2023-002 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Risk Level: CVSS v3.1...