3 matches found
CVE-2014-5382
Schrack Technik microControl firmware 1.7.0 (937) web interface contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors. The issue is documented in CVE-2014-5382 and af...
CVE-2014-5396
The CVE-2014-5396 issue affects Schrack Technik microControl web interface on firmware versions before 1.7.0 (937). The root cause is a hardcoded password for the user account, enabling remote access via unspecified vectors. The connected sources reiterate the same description; no explicit fix or...
CVE-2014-8329
The CVE-2014-8329 entry affects Schrack Technik microControl devices running firmware before 1.7.0 (937). The vulnerability stems from storing sensitive information under the web root with insufficient access control, enabling remote attackers to obtain FTP/Telnet credentials via a direct request...