Filtered by vendor Pyres
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23162 | 1 Pyres | 2 Termod4, Termod4 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. | |||||
| CVE-2020-23161 | 1 Pyres | 2 Termod4, Termod4 Firmware | 2021-03-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL. | |||||
| CVE-2020-23160 | 1 Pyres | 2 Termod4, Termod4 Firmware | 2021-03-17 | 9.0 HIGH | 8.8 HIGH |
| Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. | |||||