The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.