[EN] Multiple Vulnerabilities in Riello Netman 204

Title: Multiple Vulnerabilities Product: Netman 204 Vulnerable version: 4.05 Fixed version: None CVE: CVE-2024-8877, CVE-2024-8878 Impact: High Homepage: https://www.riello-ups.com/ Found: 2024-05-17 The Netman 204 series is prone to unauthenticated SQL injection that allows modification of energy measurement entries. Furthermore, the UPS password reset function can be abused to reset the password without the riello support by calculating the recovery code for resetting the password. "Riello Elettronica, lead by Cav. Lav. Pierantonio Riello, has a presence today in the Electrical manufacturing industry with two divisions: Energy, Automation and Security....

[EN] Multiple Vulnerabilities in Korenix JetPort

Title: Multiple Vulnerabilities Product: Korenix JetPort Vulnerable version: <=1.2 Fixed version: None CVE: CVE-2024-7395, CVE-2024-7396, CVE-2024-7397 Impact: High Homepage: https://korenix.com/ Found: 2024-04-01 The JetPort series is prone to unauthenicated command injection, which allows an attacker to fully compromise the device from the network. "Korenix Technology, a Beijer group company within the Industrial Communication business area, is a global leading manufacturer providing innovative, market-oriented, value-focused Industrial Wired and Wireless Networking Solutions. With decades of experiences in the industry, we have developed various product lines [...]. Our products are mainly applied...

[EN] Multiple Vulnerabilities in Perten ProcessPlus

Title: Multiple Vulnerabilities Product: Perten ProcessPlus Vulnerable version: <=1.11.6507.0 Fixed version: 2.0.0 CVE: CVE-2024-6911, CVE-2024-6912, CVE-2024-6913 Impact: High Homepage: https://perkinelmer.com/ Found: 2024-04-24 The ProcessPlus measurement software is prone to local file inclusion, uses default MSSQL credentials, and is executed with unnecessarily high privileges. "For 85 years, PerkinElmer has pushed the boundaries of science from food to health to the environment. We’ve always pursued science with a clear purpose – to help our customers achieve theirs. Our expert team brings technology and intangibles, like creativity, empathy, diligence, and a...

Authenticated Command Injection in Helmholz REX100 Router

Title: Authenticated Command Injection Product: Helmholz Industrial Router REX100, MBConnectline mbNET.mini Vulnerable version: <= 2.2.11 Fixed version: 2.2.13 CVE: CVE-2024-5672 Impact: High Homepage: https://www.helmholz.de/, https://mbconnectline.com/ Found: 2024-05-08 The Helmholz REX100 Router ist prone to an authenticated command injection attack. This allows an attacker to gain root access on the router, which usually acts as key infrastructure device in OT. Helmholz is your specialist when it comes to sophisticated products for your automation projects. With current, clever system solutions from Helmholz, the high demands placed on industrial networks in...

[EN] Multiple Vulnerabilities in SEH untserver Pro

Title: Multiple Vulnerabilities Product: SEH utnserver Pro Vulnerable version: 20.1.22 Fixed version: 20.1.28 CVE: CVE-2024-5420, CVE-2024-5421, CVE-2024-5422 Impact: High Homepage: https://www.seh-technology.com/ Found: 2024-03-04 The untserver Pro ist prone to stored cross-site scripting, file disclosure and denial of service attacks. This allows an attacker to deactivate the device or place malicious code in the web interface of the untserver. We are SEH from Bielefeld - manufacturer of high-quality network solutions. With over 35 years of experience in the fields of printing and networks, we offer our customers a broad...

[EN] Multiple Vulnerabilities in ORing IAP420

Title: Multiple Vulnerabilities Product: ORing IAP-420 Vulnerable version: 2.01e Fixed version: - CVE: CVE-2024-5410, CVE-2024-5411 Impact: High Homepage: https://oringnet.com/ Found: 2024-01-19 The ORing IAP420 is prone to authenticated command injection and stored cross-site scripting. Therefore, an attacker can fully compromize the device via the management interface. Founded in 2005, ORing specializes in developing innovative own-branded products for industrial settings. Over the years, ORing has accumulated abundant experience in wired and wireless network communications industry. In line with the commercialization of 5G, ORing has stretched its arm into the...

[EN] Multiple Vulnerabilities in Korenix JetNet Series

Title: Multiple Vulnerabilities Product: Korenix JetNet Series Vulnerable version: See "Vulnerable versions" Fixed version: - CVE: CVE-2023-5376, CVE-2023-5347 Impact: High Homepage: https://www.korenix.com/ Found: 2023-08-31 Korenix JetNet series is prone to a unauthenticated firmware upgrade, which leads to remote code execution. "Korenix Technology, a Beijer group company within the Industrial Communication business area, is a global leading manufacturer providing innovative, market-oriented, value-focused Industrial Wired and Wireless Networking Solutions. With decades of experiences in the industry, we have developed various product lines [...]. Our products are mainly applied in SMART...

[EN] St. Pölten UAS | Multiple Vulnerabilities in Phoenix Contact TC Cloud Client, TC Router & Cloud Client

Title: Multiple Vulnerabilities Product: Phoenix Contact TC Cloud Client 1002-4G*, TC Router 3002T-4G, Cloud Client 1101T-TX/TX Vulnerable version: <2.07.2, <2.07.2, <2.06.10 Fixed version: 2.07.2, 2.07.2, 2.06.10 CVE: CVE-2023-3526, CVE-2023-3569 Impact: Medium Homepage: https://www.phoenixcontact.com/ Found: 2023-05-04 By: A. Resanovic, S. Stockinger, T. Etzenberger Disclaimer: This vulnerability was discovery during research at St. Pölten UAS, supported and coordinated by CyberDanube. Phoenix Contact TC Cloud Client, TC Router & Cloud Client are prone to a Stored Cross-Site Scripting (XSS) and Billion laughs attack. At Phoenix Contact, our approach is innovative, sustainable, and based on...

[EN] St. Pölten UAS | Multiple Vulnerabilities in Advantech EKI-15XX Series

Title: Multiple Vulnerabilities Product: Advantech EKI-1524-CE series, EKI-1522 series, EKI-1521 series Vulnerable version: <=1.21 (CVE-2023-4202), <=1.24 (CVE-2023-4203) Fixed version: 1.26 CVE: CVE-2023-4202, CVE-2023-4203 Impact: Medium Homepage: https://advantech.com Found: 2023-05-04 By: R. Haas, A. Resanovic, T. Etzenberger, M. Bineder Disclaimer: This vulnerability was discovery during research at St. Pölten UAS, supported and coordinated by CyberDanube. Advantech EKI-1524/1522/1521 devices are prone to multiple Stored Cross-Site Scripting (XSS). "Advantech’s corporate vision is to enable an intelligent planet. The company is a global leader in the fields of IoT intelligent systems and embedded platforms....

[EN] Multiple Vulnerabilities in Advantech EKI-15XX Series

Title: Multiple Vulnerabilities Product: Advantech EKI-1524-CE series, EKI-1522 series, EKI-1521 series Vulnerable version: 1.21 Fixed version: 1.24 CVE: CVE-2023-2573, CVE-2023-2574, CVE-2023-2575 Impact: High Homepage: https://advantech.com Found: 2023-03-06 Advantech EKI-1524/1522/1521 devices are prone to authenticated command injections and a buffer overflow vulnerability. These vulnerabilities can be used to execute arbitrary commands on OS level. "Advantech’s corporate vision is to enable an intelligent planet. The company is a global leader in the fields of IoT intelligent systems and embedded platforms. To embrace the trends of IoT, big data, and artificial...