Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
31 vulnerabilities by SAUTER
CVE-2025-41724 (GCVE-0-2025-41724)
Vulnerability from cvelistv5 – Published: 2025-10-22 07:03 – Updated: 2025-10-22 15:48
VLAI
Title
Sauter: Crash via Incomplete SOAP Request
Summary
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-239 - Failure to Handle Incomplete Element
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:48:31.778178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:48:40.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again."
}
],
"value": "An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-239",
"description": "CWE-239:Failure to Handle Incomplete Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T07:03:50.109Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Crash via Incomplete SOAP Request",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41724",
"datePublished": "2025-10-22T07:03:50.109Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2025-10-22T15:48:40.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41723 (GCVE-0-2025-41723)
Vulnerability from cvelistv5 – Published: 2025-10-22 07:01 – Updated: 2025-10-22 13:28
VLAI
Title
Sauter: Directory Traversal in importFile SOAP Method
Summary
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:28:39.630438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:28:51.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.\u003c/p\u003e"
}
],
"value": "The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35:Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T07:01:09.768Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Directory Traversal in importFile SOAP Method",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41723",
"datePublished": "2025-10-22T07:01:09.768Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2025-10-22T13:28:51.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41722 (GCVE-0-2025-41722)
Vulnerability from cvelistv5 – Published: 2025-10-22 06:58 – Updated: 2025-10-22 13:30
VLAI
Title
Sauter: Hard-coded Authentication Credentials
Summary
The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:29:56.589615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:30:10.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices."
}
],
"value": "The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:58:31.679Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Hard-coded Authentication Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41722",
"datePublished": "2025-10-22T06:58:31.679Z",
"dateReserved": "2025-04-16T11:17:48.317Z",
"dateUpdated": "2025-10-22T13:30:10.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41721 (GCVE-0-2025-41721)
Vulnerability from cvelistv5 – Published: 2025-10-22 06:55 – Updated: 2025-10-22 13:31
VLAI
Title
Sauter: Command Injection
Summary
A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:31:24.266594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:31:30.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate."
}
],
"value": "A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77:Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:55:22.860Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41721",
"datePublished": "2025-10-22T06:55:22.860Z",
"dateReserved": "2025-04-16T11:17:48.317Z",
"dateUpdated": "2025-10-22T13:31:30.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41720 (GCVE-0-2025-41720)
Vulnerability from cvelistv5 – Published: 2025-10-22 06:52 – Updated: 2025-10-22 15:48
VLAI
Title
Sauter: Arbitrary File Upload
Summary
A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-646 - Reliance on File Name or Extension of Externally-Supplied File
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:47:55.751768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:48:07.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified."
}
],
"value": "A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-646",
"description": "CWE-646:Reliance on File Name or Extension of Externally-Supplied File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:52:03.019Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Arbitrary File Upload",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41720",
"datePublished": "2025-10-22T06:52:03.019Z",
"dateReserved": "2025-04-16T11:17:48.313Z",
"dateUpdated": "2025-10-22T15:48:07.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41719 (GCVE-0-2025-41719)
Vulnerability from cvelistv5 – Published: 2025-10-22 06:48 – Updated: 2025-10-22 15:47
VLAI
Title
Sauter: Improper Validation of user-controlled data
Summary
A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41719",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:47:18.799189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:47:29.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password."
}
],
"value": "A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286:Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:48:30.796Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Improper Validation of user-controlled data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41719",
"datePublished": "2025-10-22T06:48:30.796Z",
"dateReserved": "2025-04-16T11:17:48.313Z",
"dateUpdated": "2025-10-22T15:47:29.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28650 (GCVE-0-2023-28650)
Vulnerability from cvelistv5 – Published: 2023-03-27 19:40 – Updated: 2025-01-17 17:17
VLAI
Title
CVE-2023-28650
Summary
An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:27.929385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:17:52.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target\u2019s security context."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:40:04.111Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28650",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28650"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28650",
"datePublished": "2023-03-27T19:40:04.111Z",
"dateReserved": "2023-03-20T14:52:02.998Z",
"dateUpdated": "2025-01-17T17:17:52.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28655 (GCVE-0-2023-28655)
Vulnerability from cvelistv5 – Published: 2023-03-27 19:38 – Updated: 2025-01-17 17:34
VLAI
Title
CVE-2023-28655
Summary
A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:29.667565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:34:32.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:38:44.049Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28655",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28655"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28655",
"datePublished": "2023-03-27T19:38:44.049Z",
"dateReserved": "2023-03-20T14:52:02.992Z",
"dateUpdated": "2025-01-17T17:34:32.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22300 (GCVE-0-2023-22300)
Vulnerability from cvelistv5 – Published: 2023-03-27 19:36 – Updated: 2025-01-17 17:35
VLAI
Title
CVE-2023-22300
Summary
An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22300",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:31.421625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:35:14.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:36:02.936Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-22300",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22300"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22300",
"datePublished": "2023-03-27T19:36:02.936Z",
"dateReserved": "2023-03-20T14:52:02.988Z",
"dateUpdated": "2025-01-17T17:35:14.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27927 (GCVE-0-2023-27927)
Vulnerability from cvelistv5 – Published: 2023-03-27 19:33 – Updated: 2025-01-17 17:36
VLAI
Title
CVE-2023-27927
Summary
An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27927",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:32.631793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:36:30.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:33:49.432Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-27927",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-27927"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-27927",
"datePublished": "2023-03-27T19:33:49.432Z",
"dateReserved": "2023-03-20T14:52:02.983Z",
"dateUpdated": "2025-01-17T17:36:30.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28652 (GCVE-0-2023-28652)
Vulnerability from cvelistv5 – Published: 2023-03-27 19:29 – Updated: 2025-01-17 17:38
VLAI
Title
CVE-2023-28652
Summary
An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:33.865261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:38:34.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:29:45.917Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28652",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28652"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28652",
"datePublished": "2023-03-27T19:29:45.917Z",
"dateReserved": "2023-03-20T14:52:02.975Z",
"dateUpdated": "2025-01-17T17:38:34.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7915 (GCVE-0-2015-7915)
Vulnerability from cvelistv5 – Published: 2016-02-06 02:00 – Updated: 2024-08-06 08:06
VLAI
Summary
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2016/Feb/25 | mailing-listx_refsource_FULLDISC |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01 | x_refsource_MISC |
Date Public
2016-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7915",
"datePublished": "2016-02-06T02:00:00.000Z",
"dateReserved": "2015-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:06:30.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41724 (GCVE-0-2025-41724)
Vulnerability from nvd – Published: 2025-10-22 07:03 – Updated: 2025-10-22 15:48
VLAI
Title
Sauter: Crash via Incomplete SOAP Request
Summary
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-239 - Failure to Handle Incomplete Element
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:48:31.778178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:48:40.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again."
}
],
"value": "An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-239",
"description": "CWE-239:Failure to Handle Incomplete Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T07:03:50.109Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Crash via Incomplete SOAP Request",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41724",
"datePublished": "2025-10-22T07:03:50.109Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2025-10-22T15:48:40.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41723 (GCVE-0-2025-41723)
Vulnerability from nvd – Published: 2025-10-22 07:01 – Updated: 2025-10-22 13:28
VLAI
Title
Sauter: Directory Traversal in importFile SOAP Method
Summary
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:28:39.630438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:28:51.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.\u003c/p\u003e"
}
],
"value": "The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35:Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T07:01:09.768Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Directory Traversal in importFile SOAP Method",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41723",
"datePublished": "2025-10-22T07:01:09.768Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2025-10-22T13:28:51.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41722 (GCVE-0-2025-41722)
Vulnerability from nvd – Published: 2025-10-22 06:58 – Updated: 2025-10-22 13:30
VLAI
Title
Sauter: Hard-coded Authentication Credentials
Summary
The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:29:56.589615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:30:10.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices."
}
],
"value": "The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:58:31.679Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Hard-coded Authentication Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41722",
"datePublished": "2025-10-22T06:58:31.679Z",
"dateReserved": "2025-04-16T11:17:48.317Z",
"dateUpdated": "2025-10-22T13:30:10.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41721 (GCVE-0-2025-41721)
Vulnerability from nvd – Published: 2025-10-22 06:55 – Updated: 2025-10-22 13:31
VLAI
Title
Sauter: Command Injection
Summary
A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:31:24.266594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:31:30.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate."
}
],
"value": "A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77:Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:55:22.860Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41721",
"datePublished": "2025-10-22T06:55:22.860Z",
"dateReserved": "2025-04-16T11:17:48.317Z",
"dateUpdated": "2025-10-22T13:31:30.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41720 (GCVE-0-2025-41720)
Vulnerability from nvd – Published: 2025-10-22 06:52 – Updated: 2025-10-22 15:48
VLAI
Title
Sauter: Arbitrary File Upload
Summary
A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-646 - Reliance on File Name or Extension of Externally-Supplied File
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:47:55.751768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:48:07.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified."
}
],
"value": "A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-646",
"description": "CWE-646:Reliance on File Name or Extension of Externally-Supplied File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:52:03.019Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Arbitrary File Upload",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41720",
"datePublished": "2025-10-22T06:52:03.019Z",
"dateReserved": "2025-04-16T11:17:48.313Z",
"dateUpdated": "2025-10-22T15:48:07.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41719 (GCVE-0-2025-41719)
Vulnerability from nvd – Published: 2025-10-22 06:48 – Updated: 2025-10-22 15:47
VLAI
Title
Sauter: Improper Validation of user-controlled data
Summary
A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sauter | modulo 6 devices modu680-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu660-AS |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | modulo 6 devices modu612-LC |
Affected:
0.0.0 , < Firmware v3.2.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu524 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 modu 5 modu525 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
|
| Sauter | EY-modulo 5 ecos 5 ecos504/505 |
Affected:
0.0 , < Firmware v6.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41719",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T15:47:18.799189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T15:47:29.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu680-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu660-AS",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "modulo 6 devices modu612-LC",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v3.2.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu524",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 modu 5 modu525",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EY-modulo 5 ecos 5 ecos504/505",
"vendor": "Sauter",
"versions": [
{
"lessThan": "Firmware v6.0",
"status": "affected",
"version": "0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password."
}
],
"value": "A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286:Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T06:48:30.796Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json"
}
],
"source": {
"advisory": "VDE-2025-060",
"defect": [
"CERT@VDE#641818"
],
"discovery": "UNKNOWN"
},
"title": "Sauter: Improper Validation of user-controlled data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41719",
"datePublished": "2025-10-22T06:48:30.796Z",
"dateReserved": "2025-04-16T11:17:48.313Z",
"dateUpdated": "2025-10-22T15:47:29.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28655 (GCVE-0-2023-28655)
Vulnerability from nvd – Published: 2023-03-27 19:38 – Updated: 2025-01-17 17:34
VLAI
Title
CVE-2023-28655
Summary
A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:29.667565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:34:32.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:38:44.049Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28655",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28655"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28655",
"datePublished": "2023-03-27T19:38:44.049Z",
"dateReserved": "2023-03-20T14:52:02.992Z",
"dateUpdated": "2025-01-17T17:34:32.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28652 (GCVE-0-2023-28652)
Vulnerability from nvd – Published: 2023-03-27 19:29 – Updated: 2025-01-17 17:38
VLAI
Title
CVE-2023-28652
Summary
An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:33.865261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:38:34.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:29:45.917Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28652",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28652"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28652",
"datePublished": "2023-03-27T19:29:45.917Z",
"dateReserved": "2023-03-20T14:52:02.975Z",
"dateUpdated": "2025-01-17T17:38:34.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28650 (GCVE-0-2023-28650)
Vulnerability from nvd – Published: 2023-03-27 19:40 – Updated: 2025-01-17 17:17
VLAI
Title
CVE-2023-28650
Summary
An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:27.929385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:17:52.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target\u2019s security context."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:40:04.111Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-28650",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-28650"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-28650",
"datePublished": "2023-03-27T19:40:04.111Z",
"dateReserved": "2023-03-20T14:52:02.998Z",
"dateUpdated": "2025-01-17T17:17:52.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27927 (GCVE-0-2023-27927)
Vulnerability from nvd – Published: 2023-03-27 19:33 – Updated: 2025-01-17 17:36
VLAI
Title
CVE-2023-27927
Summary
An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27927",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:32.631793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:36:30.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:33:49.432Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-27927",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-27927"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-27927",
"datePublished": "2023-03-27T19:33:49.432Z",
"dateReserved": "2023-03-20T14:52:02.983Z",
"dateUpdated": "2025-01-17T17:36:30.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22300 (GCVE-0-2023-22300)
Vulnerability from nvd – Published: 2023-03-27 19:36 – Updated: 2025-01-17 17:35
VLAI
Title
CVE-2023-22300
Summary
An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAUTER | EY-AS525F001 with moduWeb |
Affected:
all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22300",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:01:31.421625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:35:14.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EY-AS525F001 with moduWeb",
"vendor": "SAUTER",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-site Scripting",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T19:36:02.936Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2023-22300",
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22300"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22300",
"datePublished": "2023-03-27T19:36:02.936Z",
"dateReserved": "2023-03-20T14:52:02.988Z",
"dateUpdated": "2025-01-17T17:35:14.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7915 (GCVE-0-2015-7915)
Vulnerability from nvd – Published: 2016-02-06 02:00 – Updated: 2024-08-06 08:06
VLAI
Summary
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2016/Feb/25 | mailing-listx_refsource_FULLDISC |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01 | x_refsource_MISC |
Date Public
2016-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7915",
"datePublished": "2016-02-06T02:00:00.000Z",
"dateReserved": "2015-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:06:30.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7914 (GCVE-0-2015-7914)
Vulnerability from nvd – Published: 2016-02-06 02:00 – Updated: 2024-08-06 08:06
VLAI
Summary
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2016/Feb/25 | mailing-listx_refsource_FULLDISC |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01 | x_refsource_MISC |
Date Public
2016-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160203 Sauter ModuWEB Vision SCADA vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Feb/25"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7914",
"datePublished": "2016-02-06T02:00:00.000Z",
"dateReserved": "2015-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:06:30.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201702-0158
Vulnerability from variot - Updated: 2023-12-18 12:51An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "novaweb web hmi",
"scope": null,
"trust": 1.2,
"vendor": "sauter",
"version": null
},
{
"model": "novaweb web hmi",
"scope": "eq",
"trust": 1.0,
"vendor": "sauter controls",
"version": "*"
},
{
"model": "novaweb web hmi",
"scope": "eq",
"trust": 0.8,
"vendor": "fr sauter",
"version": null
},
{
"model": "novaweb web hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "sauter",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sauter-controls:novaweb_web_hmi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10224"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp",
"sources": [
{
"db": "BID",
"id": "94782"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
],
"trust": 0.9
},
"cve": "CVE-2016-10224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-10224",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-12553",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-10224",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-10224",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-12553",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-464",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. \nAttackers can exploit this issue to gain unauthorized access and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94782"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-16-343-02",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2016-10224",
"trust": 2.7
},
{
"db": "BID",
"id": "94782",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-12553",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"id": "VAR-201702-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
}
]
},
"last_update_date": "2023-12-18T12:51:24.211000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sauter-controls.com/en.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-254",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-343-02"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/94782"
},
{
"trust": 0.9,
"url": "http://www.sauter-controls.com/en.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10224"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10224"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"date": "2016-12-08T00:00:00",
"db": "BID",
"id": "94782"
},
{
"date": "2017-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"date": "2017-02-13T21:59:00.127000",
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"date": "2017-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"date": "2019-04-12T21:00:00",
"db": "BID",
"id": "94782"
},
{
"date": "2017-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007957"
},
{
"date": "2021-08-31T19:57:23.857000",
"db": "NVD",
"id": "CVE-2016-10224"
},
{
"date": "2021-09-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter NovaWeb Web HMI Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007957"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-464"
}
],
"trust": 0.6
}
}
VAR-201702-0416
Vulnerability from variot - Updated: 2023-12-18 12:51An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for voltage monitoring and network configuration. The PHP code does not properly validate information that is sent in the POST request. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. An attacker may leverage this issue to inject and execute arbitrary commands. Sauter NovaWeb Web HMI is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. are the Web-based data acquisition systems of Locus Energy Corporation in the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0416",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lgate",
"scope": "eq",
"trust": 1.6,
"vendor": "locusenergy",
"version": null
},
{
"model": "lgate 100",
"scope": null,
"trust": 0.8,
"vendor": "locus energy",
"version": null
},
{
"model": "lgate 101",
"scope": null,
"trust": 0.8,
"vendor": "locus energy",
"version": null
},
{
"model": "lgate 120",
"scope": null,
"trust": 0.8,
"vendor": "locus energy",
"version": null
},
{
"model": "lgate 320",
"scope": null,
"trust": 0.8,
"vendor": "locus energy",
"version": null
},
{
"model": "lgate 50",
"scope": null,
"trust": 0.8,
"vendor": "locus energy",
"version": null
},
{
"model": "lgate",
"scope": "lt",
"trust": 0.8,
"vendor": "locus energy",
"version": "1.05h"
},
{
"model": "novaweb web hmi",
"scope": null,
"trust": 0.6,
"vendor": "sauter",
"version": null
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "500"
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "3200"
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "1200"
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "1010"
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "1000"
},
{
"model": "energy lgate",
"scope": "eq",
"trust": 0.3,
"vendor": "locus",
"version": "0"
},
{
"model": "energy lgate 1.05h",
"scope": "ne",
"trust": 0.3,
"vendor": "locus",
"version": null
},
{
"model": "novaweb web hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "sauter",
"version": "0"
},
{
"model": "novaweb web hmi",
"scope": "eq",
"trust": 0.2,
"vendor": "sauter",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:locusenergy:lgate_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:locusenergy:lgate_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:locusenergy:lgate_120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:locusenergy:lgate_320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:locusenergy:lgate_50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:locusenergy:lgate_101:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5782"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp,Daniel Reich",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
],
"trust": 0.6
},
"cve": "CVE-2016-5782",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5782",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-12553",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-94601",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5782",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5782",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-12553",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-182",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-94601",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "VULHUB",
"id": "VHN-94601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for voltage monitoring and network configuration. The PHP code does not properly validate information that is sent in the POST request. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. \nAn attacker may leverage this issue to inject and execute arbitrary commands. Sauter NovaWeb Web HMI is prone to an authentication-bypass vulnerability. \nAttackers can exploit this issue to gain unauthorized access and perform unauthorized actions. are the Web-based data acquisition systems of Locus Energy Corporation in the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "VULHUB",
"id": "VHN-94601"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5782",
"trust": 3.3
},
{
"db": "BID",
"id": "94782",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-231-01",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-16-343-02",
"trust": 1.5
},
{
"db": "BID",
"id": "94698",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-12553",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973",
"trust": 0.8
},
{
"db": "IVD",
"id": "3927BA3A-7291-4EFE-8EB4-5C278DE9FCFD",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94601",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "VULHUB",
"id": "VHN-94601"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"id": "VAR-201702-0416",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "VULHUB",
"id": "VHN-94601"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
}
]
},
"last_update_date": "2023-12-18T12:51:24.170000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://locusenergy.com/"
},
{
"title": "Multiple Locus Energy LGate Product Command Injection Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66223"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/94782"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-231-01-0"
},
{
"trust": 1.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-343-02"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/94698"
},
{
"trust": 0.9,
"url": "http://www.sauter-controls.com/en.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5782"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5782"
},
{
"trust": 0.3,
"url": "http://locusenergy.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "VULHUB",
"id": "VHN-94601"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"db": "VULHUB",
"id": "VHN-94601"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-19T00:00:00",
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"date": "2017-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-94601"
},
{
"date": "2016-12-06T00:00:00",
"db": "BID",
"id": "94698"
},
{
"date": "2016-12-08T00:00:00",
"db": "BID",
"id": "94782"
},
{
"date": "2017-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"date": "2017-02-13T21:59:00.190000",
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"date": "2016-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12553"
},
{
"date": "2017-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-94601"
},
{
"date": "2016-12-20T01:08:00",
"db": "BID",
"id": "94698"
},
{
"date": "2019-04-12T21:00:00",
"db": "BID",
"id": "94782"
},
{
"date": "2017-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007973"
},
{
"date": "2017-03-14T19:17:44.520000",
"db": "NVD",
"id": "CVE-2016-5782"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "94698"
},
{
"db": "BID",
"id": "94782"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter NovaWeb Web HMI Authentication Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "CNVD",
"id": "CNVD-2016-12553"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation error",
"sources": [
{
"db": "IVD",
"id": "3927ba3a-7291-4efe-8eb4-5c278de9fcfd"
},
{
"db": "BID",
"id": "94698"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-182"
}
],
"trust": 1.1
}
}
VAR-201602-0086
Vulnerability from variot - Updated: 2023-12-18 12:30Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password. Sauter EY-WS505F0x0 moduWeb Vision Contains a vulnerability that prevents authentication. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Multiple information-disclosure vulnerabilities 2. A cross-site scripting vulnerability An attacker may leverage these issues to obtain potentially sensitive information, steal cookie based authentication credentials and to execute arbitrary HTML and script in the browser of an unsuspecting user in the context of the affected site. Other attacks may also be possible. Vulnerabilities
CVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914
CVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915
CVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916
Other risk exposures
Undocumented default accounts
Note that default accounts with changeable passwords, even when those are undocumented and do not look as user accounts neither in interface or documentation, constitute a formal vulnerability. It is at worst a misconfiguration.
References (Source)
This advisory:
https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/
ICS CERT:
https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01
Summary of the issues
In short \x96 By obtaining access to a system using undocumented accounts, it is possible to obtain a low privilege level.
By exploiting the fact that the cashed credentials used for the \x93remember me\x94 function of the web application employ the same encryption as the one used for protection of passwords included in backups, a user can elevate privileges to administrator level.
The backups also contain other encrypted configuration information which can further an attacker\x92s access to also affect for example email accounts used for notifications.
By accessing the system as an administrator, an attacker can obtain those credentials in plain text from the system as they are included in the configuration details, protected only by the use of \x93password\x94 field-types in the forms.
In essence this constitute a pass the hash vulnerability. Just as with https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/ which used hashed inputs to generate secure transfer of credentials over non encrypted connections, applying the same protection scheme to its stored, and exposed, secrets.
Don\x92t do your own cryptography.
A bit more details, sufficient for the interested reader to recreate but not a straight forward guide, available at the provided references.
Martin Jartelius \x96 CSO \x96 Outpost24 John Stock \x96 Technology Program Director \x96 Outpost24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "moduweb vision",
"scope": "lte",
"trust": 1.0,
"vendor": "sauter",
"version": "1.5.5"
},
{
"model": "ey-ws505f0x0 moduweb vision",
"scope": "lt",
"trust": 0.8,
"vendor": "fr sauter",
"version": "1.6.0"
},
{
"model": "ey-ws505f0x0 moduweb vision",
"scope": "lt",
"trust": 0.6,
"vendor": "sauter",
"version": "1.6.0"
},
{
"model": "moduweb vision",
"scope": "eq",
"trust": 0.6,
"vendor": "sauter",
"version": "1.5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "moduweb vision",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sauter:moduweb_vision:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7914"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Jartelius and John Stock of Outpost24.",
"sources": [
{
"db": "BID",
"id": "82408"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7914",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7914",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00977",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "62481994-2351-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7914",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-00977",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-124",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password. Sauter EY-WS505F0x0 moduWeb Vision Contains a vulnerability that prevents authentication. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Multiple information-disclosure vulnerabilities\n2. A cross-site scripting vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information, steal cookie based authentication credentials and to execute arbitrary HTML and script in the browser of an unsuspecting user in the context of the affected site. Other attacks may also be possible. Vulnerabilities\n\n---------------\n\nCVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914\n\nCVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915\n\nCVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916\n\n \n\nOther risk exposures\n\n---------------\n\nUndocumented default accounts\n\n \n\nNote that default accounts with changeable passwords, even when those\nare undocumented and do not look as user accounts neither in interface\nor documentation, constitute a formal vulnerability. It is at worst a\nmisconfiguration. \n\n \n\nReferences (Source)\n\n---------------\n\nThis advisory:\n\nhttps://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/\n\n \n\nICS CERT:\n\nhttps://ics-cert.us-cert.gov/advisories/ICSA-16-033-01\n\n\nSummary of the issues\n---------------\nIn short \\x96 By obtaining access to a system using undocumented accounts,\nit is possible to obtain a low privilege level. \n\nBy exploiting the fact that the cashed credentials used for the\n\\x93remember me\\x94 function of the web application employ the same encryption\nas the one used for protection of passwords included in backups, a user\ncan elevate privileges to administrator level. \n\nThe backups also contain other encrypted configuration information which\ncan further an attacker\\x92s access to also affect for example email\naccounts used for notifications. \n\nBy accessing the system as an administrator, an attacker can obtain\nthose credentials in plain text from the system as they are included in\nthe configuration details, protected only by the use of \\x93password\\x94\nfield-types in the forms. \n\nIn essence this constitute a pass the hash vulnerability. Just as with\nhttps://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/\nwhich used hashed inputs to generate secure transfer of credentials over\nnon encrypted connections, applying the same protection scheme to its\nstored, and exposed, secrets. \n\n\nDon\\x92t do your own cryptography. \n\n \n\nA bit more details, sufficient for the interested reader to recreate but\nnot a straight forward guide, available at the provided references. \n\n \n\n \n\nMartin Jartelius \\x96 CSO \\x96 Outpost24\nJohn Stock \\x96 Technology Program Director \\x96 Outpost24\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "135615"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7914",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-033-01",
"trust": 3.4
},
{
"db": "CNVD",
"id": "CNVD-2016-00977",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884",
"trust": 0.8
},
{
"db": "BID",
"id": "82408",
"trust": 0.3
},
{
"db": "IVD",
"id": "62481994-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135615",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"id": "VAR-201602-0086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
}
]
},
"last_update_date": "2023-12-18T12:30:04.599000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Web server for moduWeb Vision and moduWeb500 BACnet networks",
"trust": 0.8,
"url": "http://www.sauter-controls.com/en/products-sauter/product-details/pdm/ey-ws-500-web-server-for-moduweb-vision-and-moduweb500-bacnet-networks.html"
},
{
"title": "Sauter moduWeb Vision certificate is not safe to store vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71357"
},
{
"title": "Sauter EY-WS505F0x0 modoWeb Vision Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60076"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
},
{
"problemtype": "CWE-254",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-033-01"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/feb/25"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7914"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7914"
},
{
"trust": 0.3,
"url": "http://www.sauter-controls.com/en.html"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7915"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7914"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"date": "2016-02-02T00:00:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"date": "2016-02-05T15:55:55",
"db": "PACKETSTORM",
"id": "135615"
},
{
"date": "2016-02-06T05:59:00.180000",
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"date": "2016-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00977"
},
{
"date": "2016-07-05T21:21:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006884"
},
{
"date": "2016-12-03T03:13:19.823000",
"db": "NVD",
"id": "CVE-2015-7914"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter moduWeb Vision Certificate Insecure Storage Vulnerability",
"sources": [
{
"db": "IVD",
"id": "62481994-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00977"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-124"
}
],
"trust": 0.6
}
}
VAR-201602-0087
Vulnerability from variot - Updated: 2023-12-18 12:30Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. A remote attacker could exploit the vulnerability to obtain a certificate and bypass authentication. Sauter moduWeb Vision is prone to multiple security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. A cross-site scripting vulnerability An attacker may leverage these issues to obtain potentially sensitive information, steal cookie based authentication credentials and to execute arbitrary HTML and script in the browser of an unsuspecting user in the context of the affected site. Other attacks may also be possible. Vulnerabilities
CVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914
CVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915
CVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916
Other risk exposures
Undocumented default accounts
Note that default accounts with changeable passwords, even when those are undocumented and do not look as user accounts neither in interface or documentation, constitute a formal vulnerability. It is at worst a misconfiguration.
References (Source)
This advisory:
https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/
ICS CERT:
https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01
Summary of the issues
In short \x96 By obtaining access to a system using undocumented accounts, it is possible to obtain a low privilege level.
By exploiting the fact that the cashed credentials used for the \x93remember me\x94 function of the web application employ the same encryption as the one used for protection of passwords included in backups, a user can elevate privileges to administrator level.
The backups also contain other encrypted configuration information which can further an attacker\x92s access to also affect for example email accounts used for notifications.
By accessing the system as an administrator, an attacker can obtain those credentials in plain text from the system as they are included in the configuration details, protected only by the use of \x93password\x94 field-types in the forms.
In essence this constitute a pass the hash vulnerability. Just as with https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/ which used hashed inputs to generate secure transfer of credentials over non encrypted connections, applying the same protection scheme to its stored, and exposed, secrets.
Don\x92t do your own cryptography.
A bit more details, sufficient for the interested reader to recreate but not a straight forward guide, available at the provided references.
Martin Jartelius \x96 CSO \x96 Outpost24 John Stock \x96 Technology Program Director \x96 Outpost24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0087",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "moduweb vision",
"scope": "lte",
"trust": 1.0,
"vendor": "sauter",
"version": "1.5.5"
},
{
"model": "ey-ws505f0x0 moduweb vision",
"scope": "lt",
"trust": 0.8,
"vendor": "fr sauter",
"version": "1.6.0"
},
{
"model": "ey-ws505f0x0 moduweb vision",
"scope": "lt",
"trust": 0.6,
"vendor": "sauter",
"version": "1.6.0"
},
{
"model": "moduweb vision",
"scope": "eq",
"trust": 0.6,
"vendor": "sauter",
"version": "1.5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "moduweb vision",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sauter:moduweb_vision:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7915"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Jartelius and John Stock of Outpost24.",
"sources": [
{
"db": "BID",
"id": "82408"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7915",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7915",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00978",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "624965d8-2351-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7915",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-7915",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00978",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-125",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. A remote attacker could exploit the vulnerability to obtain a certificate and bypass authentication. Sauter moduWeb Vision is prone to multiple security vulnerabilities:\n1. Multiple information-disclosure vulnerabilities\n2. A cross-site scripting vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information, steal cookie based authentication credentials and to execute arbitrary HTML and script in the browser of an unsuspecting user in the context of the affected site. Other attacks may also be possible. Vulnerabilities\n\n---------------\n\nCVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914\n\nCVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915\n\nCVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916\n\n \n\nOther risk exposures\n\n---------------\n\nUndocumented default accounts\n\n \n\nNote that default accounts with changeable passwords, even when those\nare undocumented and do not look as user accounts neither in interface\nor documentation, constitute a formal vulnerability. It is at worst a\nmisconfiguration. \n\n \n\nReferences (Source)\n\n---------------\n\nThis advisory:\n\nhttps://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/\n\n \n\nICS CERT:\n\nhttps://ics-cert.us-cert.gov/advisories/ICSA-16-033-01\n\n\nSummary of the issues\n---------------\nIn short \\x96 By obtaining access to a system using undocumented accounts,\nit is possible to obtain a low privilege level. \n\nBy exploiting the fact that the cashed credentials used for the\n\\x93remember me\\x94 function of the web application employ the same encryption\nas the one used for protection of passwords included in backups, a user\ncan elevate privileges to administrator level. \n\nThe backups also contain other encrypted configuration information which\ncan further an attacker\\x92s access to also affect for example email\naccounts used for notifications. \n\nBy accessing the system as an administrator, an attacker can obtain\nthose credentials in plain text from the system as they are included in\nthe configuration details, protected only by the use of \\x93password\\x94\nfield-types in the forms. \n\nIn essence this constitute a pass the hash vulnerability. Just as with\nhttps://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/\nwhich used hashed inputs to generate secure transfer of credentials over\nnon encrypted connections, applying the same protection scheme to its\nstored, and exposed, secrets. \n\n\nDon\\x92t do your own cryptography. \n\n \n\nA bit more details, sufficient for the interested reader to recreate but\nnot a straight forward guide, available at the provided references. \n\n \n\n \n\nMartin Jartelius \\x96 CSO \\x96 Outpost24\nJohn Stock \\x96 Technology Program Director \\x96 Outpost24\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "135615"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7915",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-033-01",
"trust": 3.4
},
{
"db": "CNVD",
"id": "CNVD-2016-00978",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885",
"trust": 0.8
},
{
"db": "BID",
"id": "82408",
"trust": 0.3
},
{
"db": "IVD",
"id": "624965D8-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135615",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"id": "VAR-201602-0087",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
}
]
},
"last_update_date": "2023-12-18T12:30:04.562000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Web server for moduWeb Vision and moduWeb500 BACnet networks",
"trust": 0.8,
"url": "http://www.sauter-controls.com/en/products-sauter/product-details/pdm/ey-ws-500-web-server-for-moduweb-vision-and-moduweb500-bacnet-networks.html"
},
{
"title": "Sauter moduWeb Vision security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71355"
},
{
"title": "Sauter EY-WS505F0x0 moduWeb Vision Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60077"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.8
},
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-033-01"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/feb/25"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7915"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7915"
},
{
"trust": 0.3,
"url": "http://www.sauter-controls.com/en.html"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7915"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7914"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"date": "2016-02-02T00:00:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"date": "2016-02-05T15:55:55",
"db": "PACKETSTORM",
"id": "135615"
},
{
"date": "2016-02-06T05:59:01.353000",
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"date": "2016-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00978"
},
{
"date": "2016-07-05T21:21:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006885"
},
{
"date": "2016-12-03T03:13:20.900000",
"db": "NVD",
"id": "CVE-2015-7915"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter moduWeb Vision Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "624965d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00978"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-125"
}
],
"trust": 0.6
}
}
VAR-201602-0088
Vulnerability from variot - Updated: 2023-12-18 12:30Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Sauter moduWeb Vision is prone to multiple security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Other attacks may also be possible. Vulnerabilities
CVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914
CVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915
CVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916
Other risk exposures
Undocumented default accounts
Note that default accounts with changeable passwords, even when those are undocumented and do not look as user accounts neither in interface or documentation, constitute a formal vulnerability. It is at worst a misconfiguration.
References (Source)
This advisory:
https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/
ICS CERT:
https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01
Summary of the issues
In short \x96 By obtaining access to a system using undocumented accounts, it is possible to obtain a low privilege level.
By exploiting the fact that the cashed credentials used for the \x93remember me\x94 function of the web application employ the same encryption as the one used for protection of passwords included in backups, a user can elevate privileges to administrator level.
The backups also contain other encrypted configuration information which can further an attacker\x92s access to also affect for example email accounts used for notifications.
By accessing the system as an administrator, an attacker can obtain those credentials in plain text from the system as they are included in the configuration details, protected only by the use of \x93password\x94 field-types in the forms.
In essence this constitute a pass the hash vulnerability. Just as with https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/ which used hashed inputs to generate secure transfer of credentials over non encrypted connections, applying the same protection scheme to its stored, and exposed, secrets.
Don\x92t do your own cryptography.
A bit more details, sufficient for the interested reader to recreate but not a straight forward guide, available at the provided references.
Martin Jartelius \x96 CSO \x96 Outpost24 John Stock \x96 Technology Program Director \x96 Outpost24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0088",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "moduweb vision",
"scope": "lte",
"trust": 1.0,
"vendor": "sauter controls",
"version": "1.5"
},
{
"model": "moduweb vision",
"scope": "lt",
"trust": 0.8,
"vendor": "fr sauter",
"version": "(ey-ws505f0x0) 1.6.0"
},
{
"model": "ey-ws505f0x0 moduweb vision",
"scope": "lt",
"trust": 0.6,
"vendor": "sauter",
"version": "1.6.0"
},
{
"model": "moduweb vision",
"scope": "eq",
"trust": 0.6,
"vendor": "sauter",
"version": "1.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "moduweb vision",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sauter-controls:moduweb_vision:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7916"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Jartelius and John Stock of Outpost24.",
"sources": [
{
"db": "BID",
"id": "82408"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7916",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7916",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00979",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "624a92fa-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 3.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7916",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7916",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2016-00979",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-126",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Sauter moduWeb Vision is prone to multiple security vulnerabilities:\n1. Multiple information-disclosure vulnerabilities\n2. Other attacks may also be possible. Vulnerabilities\n\n---------------\n\nCVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914\n\nCVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915\n\nCVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916\n\n \n\nOther risk exposures\n\n---------------\n\nUndocumented default accounts\n\n \n\nNote that default accounts with changeable passwords, even when those\nare undocumented and do not look as user accounts neither in interface\nor documentation, constitute a formal vulnerability. It is at worst a\nmisconfiguration. \n\n \n\nReferences (Source)\n\n---------------\n\nThis advisory:\n\nhttps://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/\n\n \n\nICS CERT:\n\nhttps://ics-cert.us-cert.gov/advisories/ICSA-16-033-01\n\n\nSummary of the issues\n---------------\nIn short \\x96 By obtaining access to a system using undocumented accounts,\nit is possible to obtain a low privilege level. \n\nBy exploiting the fact that the cashed credentials used for the\n\\x93remember me\\x94 function of the web application employ the same encryption\nas the one used for protection of passwords included in backups, a user\ncan elevate privileges to administrator level. \n\nThe backups also contain other encrypted configuration information which\ncan further an attacker\\x92s access to also affect for example email\naccounts used for notifications. \n\nBy accessing the system as an administrator, an attacker can obtain\nthose credentials in plain text from the system as they are included in\nthe configuration details, protected only by the use of \\x93password\\x94\nfield-types in the forms. \n\nIn essence this constitute a pass the hash vulnerability. Just as with\nhttps://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/\nwhich used hashed inputs to generate secure transfer of credentials over\nnon encrypted connections, applying the same protection scheme to its\nstored, and exposed, secrets. \n\n\nDon\\x92t do your own cryptography. \n\n \n\nA bit more details, sufficient for the interested reader to recreate but\nnot a straight forward guide, available at the provided references. \n\n \n\n \n\nMartin Jartelius \\x96 CSO \\x96 Outpost24\nJohn Stock \\x96 Technology Program Director \\x96 Outpost24\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "135615"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7916",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-033-01",
"trust": 3.4
},
{
"db": "CNVD",
"id": "CNVD-2016-00979",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867",
"trust": 0.8
},
{
"db": "BID",
"id": "82408",
"trust": 0.3
},
{
"db": "IVD",
"id": "624A92FA-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135615",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"id": "VAR-201602-0088",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
}
]
},
"last_update_date": "2023-12-18T12:30:04.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Web server for moduWeb Vision and moduWeb500 BACnet networks",
"trust": 0.8,
"url": "http://www.sauter-controls.com/en/products-sauter/product-details/pdm/ey-ws-500-web-server-for-moduweb-vision-and-moduweb500-bacnet-networks.html"
},
{
"title": "Patch for Sauter moduWeb Vision Web Server Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71353"
},
{
"title": "Sauter EY-WS505F0x0 moduWeb Vision Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60078"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-033-01"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2016/feb/25"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7916"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7916"
},
{
"trust": 0.3,
"url": "http://www.sauter-controls.com/en.html"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7915"
},
{
"trust": 0.1,
"url": "https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7914"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"db": "BID",
"id": "82408"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"date": "2016-02-02T00:00:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"date": "2016-02-05T15:55:55",
"db": "PACKETSTORM",
"id": "135615"
},
{
"date": "2016-02-06T05:59:02.323000",
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"date": "2016-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00979"
},
{
"date": "2016-07-05T21:21:00",
"db": "BID",
"id": "82408"
},
{
"date": "2016-02-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006867"
},
{
"date": "2020-06-24T12:49:29.853000",
"db": "NVD",
"id": "CVE-2015-7916"
},
{
"date": "2020-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sauter moduWeb Vision Web Server Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "624a92fa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00979"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "135615"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-126"
}
],
"trust": 0.7
}
}