Ultralog Express Firmware Security Vulnerabilities and Issues — Ultralog Express Firmware CVE List

Lucene search

UnisoonUltralog Express Firmware

3 matches found

CVE•added 2020/03/27 4:15 a.m.•102 views

CVE-2020-3920

UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through specific system directory.

8.1CVSS8.1AI score0.00252EPSS

CVE•added 2020/03/27 4:15 a.m.•97 views

CVE-2020-3921

UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page.

8.6CVSS7.7AI score0.00183EPSS

CVE•added 2020/03/27 4:15 a.m.•90 views

CVE-2020-3936

UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.

10CVSS9.7AI score0.00418EPSS