Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-16672 | 5.0 |
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Sensitive Credentials data is transmitted in cleartext.
|
01-04-2022 - 15:48 | 06-12-2019 - 18:15 | |
CVE-2019-16674 | 5.0 |
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compr
|
21-07-2021 - 11:39 | 06-12-2019 - 18:15 | |
CVE-2018-12981 | 3.5 |
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability can be exploited by authenticated and unauthenticated users by sending special crafted requests to the web server allowing injec
|
20-05-2021 - 20:09 | 12-07-2018 - 18:29 | |
CVE-2018-12979 | 5.5 |
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestricted file upload in the WBM.
|
20-05-2021 - 20:09 | 12-07-2018 - 18:29 | |
CVE-2018-12980 | 6.5 |
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.
|
20-05-2021 - 20:09 | 12-07-2018 - 18:29 | |
CVE-2019-19885 | 6.4 |
In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. A user with knowledge about the routes can read and write configuration data without prior authorization. This affects COM465IP, COM465DP, COM465ID, CP70
|
26-10-2020 - 20:33 | 16-10-2020 - 13:15 | |
CVE-2019-20481 | 5.0 |
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480.
|
24-08-2020 - 17:37 | 24-02-2020 - 15:15 | |
CVE-2020-12499 | 4.4 |
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
|
05-08-2020 - 14:35 | 21-07-2020 - 15:15 | |
CVE-2020-9464 | 7.8 |
A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting.
|
16-03-2020 - 16:43 | 12-03-2020 - 14:15 | |
CVE-2020-9436 | 9.0 |
PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17
|
16-03-2020 - 15:52 | 12-03-2020 - 14:15 | |
CVE-2020-9435 | 5.0 |
PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17
|
16-03-2020 - 15:47 | 12-03-2020 - 14:15 | |
CVE-2019-20480 | 6.8 |
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection.
|
28-02-2020 - 01:09 | 24-02-2020 - 15:15 | |
CVE-2019-16671 | 6.8 |
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Res
|
12-12-2019 - 18:54 | 06-12-2019 - 18:15 | |
CVE-2019-16670 | 7.5 |
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention.
|
12-12-2019 - 18:42 | 06-12-2019 - 18:15 | |
CVE-2019-16673 | 4.0 |
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device.
|
10-12-2019 - 15:19 | 06-12-2019 - 18:15 | |
CVE-2019-12871 | 6.8 |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to a Use-After-Free and remote code execution. The attacker needs to get
|
27-06-2019 - 16:33 | 24-06-2019 - 15:15 | |
CVE-2019-12869 | 6.8 |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code execut
|
27-06-2019 - 16:27 | 24-06-2019 - 16:15 | |
CVE-2019-12870 | 6.8 |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker need
|
27-06-2019 - 16:26 | 24-06-2019 - 16:15 | |
CVE-2019-12549 | 10.0 |
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
|
19-06-2019 - 17:51 | 17-06-2019 - 17:15 | |
CVE-2019-12550 | 10.0 |
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
|
19-06-2019 - 17:11 | 17-06-2019 - 17:15 | |
CVE-2018-16059 | 5.0 |
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
|
21-03-2019 - 16:00 | 07-09-2018 - 22:29 |