Skip to main content

Senec Storage Box Firmware

4 CVEs product

Monthly

CVE-2023-39171 HIGH POC This Week

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Senec Storage Box Firmware
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2023-39169 CRITICAL Act Now

The affected devices use publicly available default credentials with administrative privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Senec Storage Box Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-39172 CRITICAL Act Now

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Senec Storage Box Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2023-39167 HIGH POC This Week

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Authentication Bypass Senec Storage Box Firmware
NVD
CVSS 3.1
7.5
EPSS
1.0%
EPSS 1% CVSS 7.2
HIGH POC This Week

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Senec Storage Box Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The affected devices use publicly available default credentials with administrative privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Senec Storage Box Firmware
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Senec Storage Box Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Authentication Bypass Senec Storage Box Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy