Skip to main content

Pr100088 Modbus Gateway Firmware

4 CVEs product

Monthly

CVE-2019-6531 HIGH This Week

An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Pr100088 Modbus Gateway Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2019-6549 HIGH This Week

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pr100088 Modbus Gateway Firmware
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2019-6533 CRITICAL Act Now

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pr100088 Modbus Gateway Firmware
NVD
CVSS 3.1
9.1
EPSS
1.2%
CVE-2019-6527 CRITICAL Act Now

PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pr100088 Modbus Gateway Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
EPSS 1% CVSS 8.1
HIGH This Week

An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Pr100088 Modbus Gateway Firmware
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pr100088 Modbus Gateway Firmware
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pr100088 Modbus Gateway Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pr100088 Modbus Gateway Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy