Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-29803

Malware in sbrugna...

9.3CVSS8AI score0.00434EPSS
Exploits0References2
OSV
OSV
added 2022/10/17 10:15 p.m.4 views

CVE-2020-8975

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...

7.5CVSS5.8AI score0.00999EPSS
Exploits0References1
OSV
OSV
added 2022/10/17 10:15 p.m.8 views

CVE-2020-8974

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

9.1CVSS5.8AI score0.00696EPSS
Exploits0References1
NVD
NVD
added 2022/10/17 10:15 p.m.21 views

CVE-2020-8973

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...

9.3CVSS0.00434EPSS
Exploits0References1
NVD
NVD
added 2022/10/17 10:15 p.m.20 views

CVE-2020-8976

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...

9.6CVSS0.00474EPSS
Exploits0References1
NVD
NVD
added 2022/10/17 10:15 p.m.22 views

CVE-2020-8974

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

10CVSS0.00696EPSS
Exploits0References1
Prion
Prion
added 2022/10/17 10:15 p.m.23 views

Design/Logic Flaw

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

6.4CVSS9.1AI score0.00696EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/17 10:15 p.m.17 views

Server side request forgery (ssrf)

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...

6.8CVSS8.6AI score0.00474EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/17 10:15 p.m.21 views

Information disclosure

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...

5CVSS7.4AI score0.00999EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/17 10:15 p.m.18 views

Design/Logic Flaw

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...

4.8CVSS7.9AI score0.00434EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/17 9:18 p.m.23 views

CVE-2020-8976 ZGR TPS200 Cross-Site Request Forgery (CSRF)

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...

9.6CVSS9.3AI score0.00474EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/17 9:18 p.m.6 views

CVE-2020-8976 ZGR TPS200 Cross-Site Request Forgery (CSRF)

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request...

9.6CVSS9.3AI score0.00474EPSS
Exploits0References1
CVE
CVE
added 2022/10/17 9:18 p.m.43 views

CVE-2020-8976

CVE-2020-8976 affects ZGR TPS200 NG (firmware 2.00, hardware 1.01). The vulnerability allows a remote attacker to perform actions with the victim user’s permissions when the victim has an active session and triggers a malicious request (CSRF). Documented impacts include high/critical Confidential...

9.6CVSS8.7AI score0.00474EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/17 9:17 p.m.9 views

CVE-2020-8973 ZGR TPS200 NG Improper access control

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...

9.3CVSS7.1AI score0.00434EPSS
Exploits0References1
CVE
CVE
added 2022/10/17 9:17 p.m.45 views

CVE-2020-8973

ZGR TPS200 NG (firmware 2.00, hardware 1.01) is affected by an improper request handling vulnerability. The device does not properly accept specially constructed requests, enabling an network-adjacent attacker to operate and change several parameters without user registration. This can impact con...

9.3CVSS8AI score0.00434EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/17 9:17 p.m.23 views

CVE-2020-8973 ZGR TPS200 NG Improper access control

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user...

9.3CVSS9.1AI score0.00434EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/17 9:16 p.m.9 views

CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

10CVSS7.2AI score0.00696EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/17 9:16 p.m.26 views

CVE-2020-8974 ZGR TPS200 NG Missing Reference to Active Allocated Resource

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable...

10CVSS9.5AI score0.00696EPSS
Exploits0References1
CVE
CVE
added 2022/10/17 9:16 p.m.58 views

CVE-2020-8974

The CVE-2020-8974 entry concerns ZGR TPS200 NG, affected at firmware 2.00 (and hardware 1.01) where the firmware upload process lacks any restriction. This allows an attacker to modify the firmware and re-upload it via the web with malicious changes, potentially rendering the device unusable. Pub...

10CVSS9.3AI score0.00696EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/17 9:15 p.m.10 views

CVE-2020-8975 ZGR TPS200 NG Information Exposure

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes URIs used by the application, to access sensitive information about the system...

7.5CVSS7.4AI score0.00999EPSS
Exploits0References1
Rows per page
Query Builder