Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Pyres Subscribe
Filtered by product Termod4 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23162 1 Pyres 2 Termod4, Termod4 Firmware 2021-07-21 5.0 MEDIUM 7.5 HIGH
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.
CVE-2020-23161 1 Pyres 2 Termod4, Termod4 Firmware 2021-03-30 4.0 MEDIUM 6.5 MEDIUM
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL.
CVE-2020-23160 1 Pyres 2 Termod4, Termod4 Firmware 2021-03-17 9.0 HIGH 8.8 HIGH
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices.