Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ProminentMultiflex M10a Controller Firmware

2 matches found

CVE
CVEadded 2017/10/17 10:29 p.m.38 views

CVE-2017-14005

An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future ...

8.8CVSS8.5AI score0.00401EPSS
CVE
CVEadded 2017/10/17 10:29 p.m.36 views

CVE-2017-14011

A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the co...

8.8CVSS8.6AI score0.00123EPSS