Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 操作系统命令注入漏洞

Both Janitza UMG 96RM-E 24V and Janitza UMG 96RM-E 230V are multi-functional power quality analyzers produced by the German company Janitza. Both models have vulnerabilities related to operating system command injection. These vulnerabilities arise from defects in the power analyzer’s processing ...

Janitza UMG 96-PA和Janitza UMG 96-PA-MID+ 安全漏洞

The Janitza UMG 96-PA and Janitza UMG 96-PA-MID+ are both energy management and detection devices from Janitza, Germany. A security vulnerability exists in the Janitza UMG 96-PA and Janitza UMG 96-PA-MID+ that originates from an attacker being able to send a specially crafted Modbus read command,...

EUVD-2015-4001

Malware in sbrugna...

EUVD-2019-18883

Malware in sbrugna...

EUVD-2015-3998

Malware in sbrugna...

EUVD-2015-3999

Malware in sbrugna...

EUVD-2015-4004

Malware in sbrugna...

EUVD-2015-4003

Malware in sbrugna...

EUVD-2015-4002

Malware in sbrugna...

Malicious code in bravo-umg-project (npm)

The package bravo-umg-project was found to contain malicious code...

MAL-2025-16135 Malicious code in bravo-umg-project (npm)

The package bravo-umg-project was found to contain malicious code...

Janitza UMG Power Quality Measuring Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3969)

Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port 1 1234 or 2 1235. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVE...

Janitza UMG Power Quality Measuring Credentials Management Errors (CVE-2015-3968)

The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Janitza UMG Power Quality Measuring Improper Neutralization of Input During Web Page Generation (CVE-2015-3970)

Multiple cross-site scripting XSS vulnerabilities in the web interface on Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

Janitza UMG Power Quality Measuring Improper Session Token Generation (CVE-2015-3973)

Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values. This plugin only works with Tenable.ot. Please visit...

Janitza UMG Power Quality Measuring Cross-Site Request Forgery (CVE-2015-3967)

Cross-site request forgery CSRF vulnerability on Janitza UMG 508, 509, 511, 604, and 605 devices allows remote attackers to hijack the authentication of arbitrary users. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Janitza UMG Power Quality Measuring Improper Access Control (CVE-2015-3971)

The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239. This plugin only works with Tenable.ot. Please visit...

Vertiv Avocent UMG-4000 Web Interface Cross-Site Scripting Vulnerability

The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. A cross-site scripting vulnerability exists in the HTTP POST parameter of the web interface i...

Vertiv Avocent UMG-4000 Web Interface Cross-Site Scripting Vulnerability (CNVD-2020-25873)

The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. A cross-site scripting vulnerability exists in the web interface of the Vertiv Avocent UMG-40...

Vertiv Avocent UMG-4000 Web Interface OS Command Injection Vulnerability

The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. An operating system command injection vulnerability exists in the web interface of the Vertiv...