CVE-2021-44795

Single Connect exposes a vulnerability in the sc-assigned-credential-ui module where no authorization check is performed. This allows a remote attacker to modify or delete other users’ permissions without authenticating, via a network pathway. The CVE is documented with CVSS metrics indicating me...

CVE-2023-0882

Kron Tech Single Connect (Windows) version 2.16 is affected by an Improper Input Validation and Authorization Bypass via a User-Controlled Key, enabling Privilege Abuse. The issue is described across sources as affecting Single Connect: 2.16, with no explicit exploit details provided in the docum...

CVE-2021-44794

CVE-2021-44794 affects Kronos Single Connect via the sc-diagnostic-ui module, where an authorization check is missing. This vulnerability could allow a remote attacker to access the device information page and obtain sensitive information. The available connected documents consistently describe a...

CVE-2021-44792

CVE-2021-44792 affects Single Connect via the log-monitor module, where an missing authorization check allows a remote attacker to access the logging interface and potentially obtain sensitive information. The NVD entry lists CVSS v3.1 base score 5.3 (Network, Low attack complexity, no privileges...

CVE-2021-44793

CVE-2021-44793 affects Single Connect via the sc-reports-ui module, where an missing authorization check allows a remote attacker to access the device configuration page and export data. The attacker could potentially obtain sensitive information including database credentials; the database runs ...