Skip to main content

Pcoweb Card Firmware

4 CVEs product

Monthly

CVE-2022-37122 HIGH POC THREAT This Week

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Pcoweb Card Firmware Applica Pcoweb Hvac Bacnet Gateway
NVD
CVSS 3.1
7.5
EPSS
19.7%
CVE-2019-11370 MEDIUM POC This Month

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pcoweb Card Firmware
NVD GitHub Exploit-DB
CVSS 3.0
5.4
EPSS
4.0%
CVE-2019-11369 HIGH POC This Week

An issue was discovered in Carel pCOWeb prior to B1.2.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pcoweb Card Firmware
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
7.1%
CVE-2019-9484 HIGH This Week

The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pcoweb Card Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
EPSS 20% CVSS 7.5
HIGH POC THREAT This Week

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Pcoweb Card Firmware Applica +1
NVD
EPSS 4% CVSS 5.4
MEDIUM POC This Month

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pcoweb Card Firmware
NVD GitHub Exploit-DB
EPSS 7% CVSS 8.8
HIGH POC This Week

An issue was discovered in Carel pCOWeb prior to B1.2.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pcoweb Card Firmware
NVD GitHub Exploit-DB
EPSS 2% CVSS 7.5
HIGH This Week

The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pcoweb Card Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy