Author: T. Weber

Country:

Reported research: 35

Advisories

Risk	Topic & Details
Med.	Netman 204 4.05 SQL Injection / Unauthenticated Password Reset (CVE assigned) Remote \| 2024-10-13
High	Perten Instruments Process Plus Software 1.11.6507.0 LFI / Hardcoded Credentials (CVE assigned) Local \| 2024-07-24
Med.	SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure (CVE assigned) Remote \| 2024-06-10
Low	ORing IAP-420 2.01e Cross Site Scripting / Command Injection (CVE assigned) Remote \| 2024-06-02
Med.	Korenix JetNet Series Unauthenticated Access (CVE assigned) Remote \| 2024-01-17
Low	Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting (CVE assigned) Remote \| 2023-08-15
Med.	Phoenix Contact TC Cloud / TC Router 2.x XSS / Memory Consumption (CVE assigned) Remote \| 2023-08-15
High	Advantech EKI-15XX Series Command Injection / Buffer Overflow (CVE assigned) Remote \| 2023-05-13
Low	Delta Electronics DVW-W02W2-E2 2.42 Command Injection Remote \| 2022-12-09
Med.	Delta Electronics DX-2100-L1-CN 1.5.0.10 Command Injection / XSS Remote \| 2022-12-09
Med.	Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection (CVE assigned) Remote \| 2022-12-01
High	COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read (CVE assigned) Remote \| 2022-09-27
Med.	Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor (CVE assigned) Remote \| 2022-06-20
High	Korenix JetPort 5601V3 Backdoor Account (CVE assigned) Remote \| 2022-06-06
High	dbus-broker-29 Memory Corruption (CVE assigned) Remote \| 2022-06-06
Med.	Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication (CVE assigned) Remote \| 2022-04-17
High	Korenix Technology JetWave CSRF / Command Injection / Missing Authentication (CVE assigned) Remote \| 2022-02-07
Med.	Moxa Command Injection / Cross Site Scripting / Vulnerable Software (CVE assigned) Remote \| 2021-09-01
Low	Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials (CVE assigned) Remote \| 2021-08-20
Med.	Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication (CVE assigned) Remote \| 2021-06-01
Med.	Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection (CVE assigned) Remote \| 2021-01-14
Med.	ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password Remote \| 2020-11-28
Med.	RocketLinx Series Authentication Bypass / CSRF / Command Injection (CVE assigned) Remote \| 2020-10-05
Med.	Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell (CVE assigned) Remote \| 2020-09-05
Med.	Phoenix Contact TC Router / TC Cloud Client Command Injection (CVE assigned) Remote \| 2020-03-14
Low	Zyxel USG/UAG/ATP/VPN/NXC External DNS Requests Remote \| 2019-09-01
High	Zyxel NWA/NAP/WAC Hardcoded Credentials Remote \| 2019-09-01
Low	WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials (CVE assigned) Remote \| 2019-06-14
Med.	Siglent Technologies SDS 1202X-E Digital Oscilloscope 5.1.3.13 Hardcoded Credentials Remote \| 2018-12-03
High	WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution (CVE assigned) Remote \| 2018-07-12

Author: T. Weber

Country:

Reported research: 35

Advisories

Med.

Netman 204 4.05 SQL Injection / Unauthenticated Password Reset (CVE assigned)

Remote | 2024-10-13

High

Perten Instruments Process Plus Software 1.11.6507.0 LFI / Hardcoded Credentials (CVE assigned)

Local | 2024-07-24

Med.

SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure (CVE assigned)

Remote | 2024-06-10

Low

ORing IAP-420 2.01e Cross Site Scripting / Command Injection (CVE assigned)

Remote | 2024-06-02

Med.

Korenix JetNet Series Unauthenticated Access (CVE assigned)

Remote | 2024-01-17

Low

Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting (CVE assigned)

Remote | 2023-08-15

Med.

Phoenix Contact TC Cloud / TC Router 2.x XSS / Memory Consumption (CVE assigned)

Remote | 2023-08-15

High

Advantech EKI-15XX Series Command Injection / Buffer Overflow (CVE assigned)

Remote | 2023-05-13

Low

Delta Electronics DVW-W02W2-E2 2.42 Command Injection

Remote | 2022-12-09

Med.

Delta Electronics DX-2100-L1-CN 1.5.0.10 Command Injection / XSS

Remote | 2022-12-09

Med.

Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection (CVE assigned)

Remote | 2022-12-01

High

COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read (CVE assigned)

Remote | 2022-09-27

Med.

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor (CVE assigned)

Remote | 2022-06-20

High

Korenix JetPort 5601V3 Backdoor Account (CVE assigned)

Remote | 2022-06-06

High

dbus-broker-29 Memory Corruption (CVE assigned)

Remote | 2022-06-06

Med.

Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication (CVE assigned)

Remote | 2022-04-17

High

Korenix Technology JetWave CSRF / Command Injection / Missing Authentication (CVE assigned)

Remote | 2022-02-07

Med.

Moxa Command Injection / Cross Site Scripting / Vulnerable Software (CVE assigned)

Remote | 2021-09-01

Low

Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials (CVE assigned)

Remote | 2021-08-20

Med.

Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication (CVE assigned)

Remote | 2021-06-01

Med.

Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection (CVE assigned)

Remote | 2021-01-14

Med.

ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password

Remote | 2020-11-28

Med.

RocketLinx Series Authentication Bypass / CSRF / Command Injection (CVE assigned)

Remote | 2020-10-05

Med.

Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell (CVE assigned)

Remote | 2020-09-05

Med.

Phoenix Contact TC Router / TC Cloud Client Command Injection (CVE assigned)

Remote | 2020-03-14

Low

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)