Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Haas Security Vulnerabilities

cve
cve

CVE-2022-2474

Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands” service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the...

8CVSS

8AI Score

0.0004EPSS

2022-10-28 06:15 PM
26
7
cve
cve

CVE-2022-2475

Haas Controller version 100.20.000.1110 has insufficient granularity of access control when using the "Ethernet Q Commands" service. Any user is able to write macros into registers outside of the authorized accessible range. This could allow a user to access privileged resources or resources out...

8.8CVSS

8.6AI Score

0.001EPSS

2022-10-28 06:15 PM
27
7
cve
cve

CVE-2022-41636

Communication traffic involving "Ethernet Q Commands" service of Haas Controller version 100.20.000.1110 is transmitted in cleartext. This allows an attacker to obtain sensitive information being passed to and from the...

7.5CVSS

7.5AI Score

0.002EPSS

2022-10-28 06:15 PM
23
6