Filtered by vendor Socomec
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0356 | 1 Socomec | 2 Modulys Gp, Net Vision | 2023-02-06 | N/A | 7.5 HIGH |
| SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information. | |||||
| CVE-2021-41870 | 1 Socomec | 2 Remote View Pro, Remote View Pro Firmware | 2021-12-16 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4. An authenticated attacker can bypass a client-side file-type check and upload arbitrary .php files. | |||||
| CVE-2021-41871 | 1 Socomec | 2 Remote View Pro, Remote View Pro Firmware | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Socomec REMOTE VIEW PRO 2.0.41.4. Improper validation of input into the username field makes it possible to place a stored XSS payload. This is executed if an administrator views the System Event Log. | |||||
| CVE-2019-15859 | 1 Socomec | 2 Diris A-40, Diris A-40 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. | |||||