An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.
References
Link | Resource |
---|---|
https://medium.com/@SergiuSechel/insecure-permissions-in-rehau-group-unlimited-polymer-solutions-implementation-of-carel-pcoweb-514c148ae694 | Exploit Third Party Advisory |
https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-01-26 13:15
Updated : 2023-02-03 11:48
NVD link : CVE-2020-18329
Mitre link : CVE-2020-18329
JSON object : View
CWE
CWE-281
Improper Preservation of Permissions
Products Affected
carel
- pcoweb_card_bios
- pcoweb_card_boot
- pcoweb_card_web