Filtered by vendor Sick
Subscriptions
Filtered by product Apu0200 Firmware
Subscriptions
Total
9 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-5101 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-12-09 | 5.3 Medium |
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. | ||||
CVE-2023-5102 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-12-09 | 5.3 Medium |
Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests. | ||||
CVE-2023-43699 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-12-09 | 7.5 High |
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited. | ||||
CVE-2023-43697 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-12-09 | 6.5 Medium |
Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests. | ||||
CVE-2023-5103 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 4.3 Medium |
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe. | ||||
CVE-2023-5100 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 5.9 Medium |
Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted. | ||||
CVE-2023-43700 | 1 Sick | 3 Apu0200, Apu0200 Firmware, Rdt400 | 2024-11-21 | 7.7 High |
Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication. | ||||
CVE-2023-43698 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 7.1 High |
Improper Neutralization of Input During Web Page Generation (’Cross-site Scripting’) in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the clients browser via injecting code into the website. | ||||
CVE-2023-43696 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 8.2 High |
Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server. |
Page 1 of 1.