Skip to main content

Irm Tsi410X

2 CVEs product

Monthly

CVE-2026-11849 CRITICAL PATCH Act Now

Hardcoded database credentials in IEI Integration Corp's iRM-IEI Remote Management (iRM-TSI410X platform) allow remote unauthenticated attackers to authenticate to the backend database with administrative privileges. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 9.3 reflects trivial network-accessible exploitation with full confidentiality, integrity, and availability impact. The flaw is reported by TWCERT and tagged as an Authentication Bypass.

Authentication Bypass Irm Tsi410X
NVD VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-11848 HIGH PATCH This Week

Information disclosure in IEI Integration Corp's iRM-IEI Remote Management (iRM-TSI410X) allows unauthenticated remote attackers to retrieve partial system configuration data by invoking a specific function that lacks authentication enforcement. The flaw is reported by TWCERT and carries a CVSS 4.0 base of 7.9, but no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Authentication Bypass Irm Tsi410X
NVD VulDB
CVSS 4.0
7.9
EPSS
0.0%
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Hardcoded database credentials in IEI Integration Corp's iRM-IEI Remote Management (iRM-TSI410X platform) allow remote unauthenticated attackers to authenticate to the backend database with administrative privileges. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 9.3 reflects trivial network-accessible exploitation with full confidentiality, integrity, and availability impact. The flaw is reported by TWCERT and tagged as an Authentication Bypass.

Authentication Bypass Irm Tsi410X
NVD VulDB
EPSS 0% CVSS 7.9
HIGH PATCH This Week

Information disclosure in IEI Integration Corp's iRM-IEI Remote Management (iRM-TSI410X) allows unauthenticated remote attackers to retrieve partial system configuration data by invoking a specific function that lacks authentication enforcement. The flaw is reported by TWCERT and carries a CVSS 4.0 base of 7.9, but no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Authentication Bypass Irm Tsi410X
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy