RSS   Vulnerabilities for 'Technik microcontrol firmware'   RSS

2014-10-20
 
CVE-2014-8329

CWE-287
 

 
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt.

 
2014-08-22
 
CVE-2014-5396

CWE-Other
 

 
The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors.

 
2014-08-20
 
CVE-2014-5382

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors.

 

 >>> Vendor: Schrack 2 Products
Technik microcontrol
Technik microcontrol firmware


Copyright 2024, cxsecurity.com

 

Back to Top