CVEDB API

Vulnerabilities

Vulnerable Software

Carlosgavazzi: >> Vmu-C Pv Firmware Security Vulnerabilities

CVE-2017-5144

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication.

CVSS Score

9.8

EPSS Score

0.025

Published

2017-02-13

CVE-2017-5145

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Successful exploitation of this CROSS-SITE REQUEST FORGERY (CSRF) vulnerability can allow execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.

CVSS Score

10.0

EPSS Score

0.002

Published

2017-02-13

CVE-2017-5146

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text.

CVSS Score

7.5

EPSS Score

0.646

Published

2017-02-13

Page 1

Vulnerabilities

Vulnerable Software

Carlosgavazzi: >> Vmu-C Pv Firmware Security Vulnerabilities

Products

Pricing

Contact Us