Skip to main content

M Bus 900S Firmware

9 CVEs product

Monthly

CVE-2023-35765 MEDIUM This Month

PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-35120 HIGH This Week

PiiGAB M-Bus is vulnerable to cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF M Bus 900S Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-34995 CRITICAL Act Now

There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force M Bus 900S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-34433 CRITICAL Act Now

PiiGAB M-Bus stores passwords using a weak hash algorithm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-32652 MEDIUM This Month

PiiGAB M-Bus does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS M Bus 900S Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-36859 CRITICAL Act Now

PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection M Bus 900S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-35987 CRITICAL Act Now

PiiGAB M-Bus contains hard-coded credentials which it uses for authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass M Bus 900S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-33868 CRITICAL Act Now

The number of login attempts is not limited. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-31277 HIGH This Week

PiiGAB M-Bus transmits credentials in plaintext format. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
EPSS 1% CVSS 6.5
MEDIUM This Month

PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

PiiGAB M-Bus is vulnerable to cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF M Bus 900S Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force M Bus 900S Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

PiiGAB M-Bus stores passwords using a weak hash algorithm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

PiiGAB M-Bus does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS M Bus 900S Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection M Bus 900S Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

PiiGAB M-Bus contains hard-coded credentials which it uses for authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass M Bus 900S Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The number of login attempts is not limited. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

PiiGAB M-Bus transmits credentials in plaintext format. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Bus 900S Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy