Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-43975 | 1 Ge | 2 Ms 3000, Ms 3000 Firmware | 2023-01-30 | N/A | 7.5 HIGH |
An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerability in the web server allows arbitrary files and configurations to be read via directory traversal over TCP port 8888. | |||||
CVE-2022-43977 | 1 Ge | 2 Ms 3000, Ms 3000 Firmware | 2023-01-26 | N/A | 9.8 CRITICAL |
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control. | |||||
CVE-2022-43976 | 1 Ge | 2 Ms 3000, Ms 3000 Firmware | 2023-01-26 | N/A | 9.8 CRITICAL |
An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication. |