Skip to main content
CVE-2014-9195 CRITICAL POC THREAT Emergency

Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.5%.

Authentication Bypass Multiprog Proconos Eclr
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
82.5%
Threat
6.0
CVE-2014-5419 CRITICAL Act Now

GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier use the same RSA private key. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Multilink Ml3100 Firmware Multilink Ml3100 Multilink Ml3000 Firmware Multilink Ml3000 +10
NVD GitHub
CVSS 2.0
10.0
EPSS
1.4%
CVE-2014-9199 CRITICAL Act Now

The Clorius Controls Java web client before 01.00.0009g allows remote attackers to discover credentials by sniffing the network for cleartext-equivalent traffic. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Java Web Client
NVD
CVSS 2.0
10.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy