Skip to main content

Web Log Pro

3 CVEs product

Monthly

CVE-2016-2298 CRITICAL POC THREAT Emergency

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

Information Disclosure Web Log Basic 100 Web Log Light Web Log Pro Web Log Pro Unlimited
NVD
CVSS 3.0
9.8
EPSS
73.0%
Threat
5.7
CVE-2016-2297 CRITICAL Act Now

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature.". Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Web Log Basic 100 Web Log Light Web Log Pro Web Log Pro Unlimited
NVD
CVSS 3.0
9.4
EPSS
1.6%
CVE-2016-2296 CRITICAL POC THREAT Emergency

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.3%.

Information Disclosure Web Log Basic 100 Web Log Light Web Log Pro Web Log Pro Unlimited
NVD Exploit-DB
CVSS 3.0
9.4
EPSS
75.3%
Threat
5.6
EPSS 73% 5.7 CVSS 9.8
CRITICAL POC THREAT Emergency

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

Information Disclosure Web Log Basic 100 Web Log Light +2
NVD
EPSS 2% CVSS 9.4
CRITICAL Act Now

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature.". Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Web Log Basic 100 Web Log Light +2
NVD
EPSS 75% 5.6 CVSS 9.4
CRITICAL POC THREAT Emergency

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.3%.

Information Disclosure Web Log Basic 100 Web Log Light +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy