2 matches found
PT-2025-87: Incorrect session expiration in Fastwel PLC web server
The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to gain unlimited access to a device by brute-forcing or compromising a session token. Vulnerability status: Confirmed ...
PT-2024-33: Business logic vulnerability in Passwork
The vulnerability was identified in Passwork version 6.4.0. The application's logic requires the user to perform a correct sequence of actions to implement the functionality. The vulnerability in the business logic can be exploited by an attacker to gain access to the application's functionality...