23 matches found
CVE-2020-23161
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...
EUVD-2020-15914
Malware in sbrugna...
CVE-2020-23160
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices...
Pyres Termod4 Remote Code Execution (CVE-2020-23160)
A remote code execution vulnerability exists in Pyres Termod4. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-23162
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials...
CVE-2020-23162
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials...
CVE-2020-23160
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices...
CVE-2020-23160
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices...
CVE-2020-23161
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...
CVE-2020-23161
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...
Remote file inclusion
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...
Information disclosure
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials...
Remote code execution
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices...
Pyrescom Termod4 time management access control error
A security vulnerability exists in Pyrescom Termod4 time management devices that stems from the inclusion of local files in the devices allowing an authenticated, remote attacker to traverse directories and read sensitive files via the Maintenance Log menu and manipulate file paths in URLs...
Pyrescom Termod4 time management encryption issue vulnerability
A security vulnerability in Pyrescom Termod4 time management devices allows remote attackers to read session files and obtain explicit user credentials...
Pyrescom Termod4 time management access control error vulnerability
A security vulnerability in Pyrescom Termod4 time management devices before 10.04k allows an authenticated, remote attacker to access arbitrary commands on the device as root...
Exploit for CVE-2020-23160
Pyrescom-Termod-PoC This is the Proof-of-concept exploit code...
CVE-2020-23162
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials...
CVE-2020-23162
CVE-2020-23162 affects Pyrescom Termod4 time management devices pre-10.04k. The issue is sensitive information disclosure due to weak encryption, allowing remote attackers to read a session-file and obtain plain-text credentials. Impact is partial confidentiality loss per CVSS2, with high impact ...
CVE-2020-23161
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...