CRITICAL🇬🇧 English

CVE-2019-6533

CVSS 9.1v3.1pub. 2019-02-12upd. 2024-11-21

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Kunbus Pr100088 Modbus Gateway

    HW
    Kunbus
    wszystkie wersje
  • Kunbus Pr100088 Modbus Gateway Firmware

    OS
    Kunbus
    < r02
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-6527CRITICAL9.8ten sam produkt

PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to...

CVE-2019-6531HIGH8.1ten sam produkt

An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions ...

CVE-2019-6549HIGH7.2ten sam produkt

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions pri...

CVE-2019-6529MEDIUM4.9ten sam produkt

An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior t...

CVE-2025-41646CRITICAL9.8PL ✓ten sam vendor

Obejście uwierzytelnienia w Kunbus RevPi Status poprzez błędną konwersję typów