Page 4 of 28 results (0.011 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF). Los dispositivos Optergy Proton/Enterprise permiten Cross-Site Request Forgery (CSRF). Optergy Proton/Enterprise BMS versions 2.0.3a and below suffer from an add administrator cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/47639 http://packetstormsecurity.com/files/155265/Optergy-Proton-Enterprise-BMS-2.0.3a-Cross-Site-Request-Forgery.html http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 2

Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. Los dispositivos Optergy Proton / Enterprise permiten la carga de archivos autenticados con la ejecución de código como root. • https://www.exploit-db.com/exploits/47636 http://packetstormsecurity.com/files/155269/Optergy-2.3.0a-Remote-Root.html http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Optergy Proton/Enterprise devices allow Open Redirect. Los dispositivos Optergy Proton/Enterprise permiten una redirección abierta. Optergy Proton/Enterprise BMS versions 2.3.0a and below suffer from an open redirect vulnerability. • http://packetstormsecurity.com/files/155268/Optergy-Proton-Enterprise-BMS-2.3.0a-Open-Redirect.html http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure. Los dispositivos Optergy Proton/Enterprise permiten la divulgación de información de red interna no autenticada. • http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service. Los dispositivos Optergy Proton/Enterprise tienen un servicio de envío de SMS no autenticado. • http://www.securityfocus.com/bid/108686 https://applied-risk.com/labs/advisories https://www.applied-risk.com/resources/ar-2019-008 • CWE-269: Improper Privilege Management •