Skip to main content

Vitogate 300 Firmware

3 CVEs product

Monthly

CVE-2023-5702 MEDIUM POC THREAT This Month

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vitogate 300 Firmware
NVD GitHub VulDB Exploit-DB
CVSS 3.1
6.5
EPSS
14.5%
CVE-2023-45852 CRITICAL POC THREAT Act Now

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Vitogate 300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
14.0%
CVE-2023-5222 CRITICAL POC THREAT Act Now

A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vitogate 300 Firmware
NVD GitHub VulDB Exploit-DB
CVSS 3.1
9.8
EPSS
74.7%
EPSS 15% CVSS 6.5
MEDIUM POC THREAT This Month

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vitogate 300 Firmware
NVD GitHub VulDB Exploit-DB
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Vitogate 300 Firmware
NVD GitHub
EPSS 75% CVSS 9.8
CRITICAL POC THREAT Act Now

A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vitogate 300 Firmware
NVD GitHub VulDB Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy