Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Unisoon Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-3920 1 Unisoon 2 Ultralog Express, Ultralog Express Firmware 2021-07-21 5.5 MEDIUM 8.1 HIGH
UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through specific system directory.
CVE-2020-3921 1 Unisoon 2 Ultralog Express, Ultralog Express Firmware 2021-07-21 5.0 MEDIUM 7.5 HIGH
UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page.
CVE-2020-3936 1 Unisoon 2 Ultralog Express, Ultralog Express Firmware 2020-03-31 7.5 HIGH 9.8 CRITICAL
UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.