CVE-2024-40117

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...

CVE-2024-40117

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...

CVE-2024-40117

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing for SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 /...

PT-2024-28787 · Sl Base +1 · Sl Base +6

Name of the Vulnerable Software and Affected Versions: Solar-Log 1000 versions prior to v2.8.2 and build 52- 23.04.2013 Solar-Log 250, 300, 1200, 2000, SL 50 Gateway versions prior to 4.2.8 SL Base versions prior to 5.1.2 and 6.0.0 Description: The issue is related to incorrect access control,...

CVE-2024-40117

Solar-Log 1000 is affected by an improper access control vulnerability that, in versions prior to v2.8.2 and build 52- 23.04.2013, can allow an attacker to obtain administrative privileges by connecting to the web administration server. The affected line items in public sources indicate no impact...

CVE-2021-34543

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...

Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability

Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...

IEA multiple network applications DoS

Integrated web administration server multiple security vulnerabilities...

Oracle Web Administration Server Detection

We detected the remote web server as an Oracle Administration web server. This web server enables attackers to configure your Oracle Database server if they gain access to a valid authentication username and password. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpt...

CVE-2001-1223

The CVE-2001-1223 entry concerns the web administration server of ELSA Lancom 1100 Office. The vulnerability is that the web admin interface does not require authentication, allowing arbitrary remote attackers to gain administrative privileges by connecting to the server (network exposure). The a...