An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NCarel Pcoweb Card Bios
OSCarel6.27Carel Pcoweb Card Boot
OSCarel5.00Carel Pcoweb Card Web
APPCarel2.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2022-34827CRITICAL9.9ten sam vendor
Carel Boss Mini 1.5.0 has Improper Access Control.
CVE-2019-13553CRITICAL9.8ten sam vendor
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentic...
CVE-2023-3643HIGH7.3ten sam vendor
A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This affects an u...
CVE-2022-37122HIGH7.5ten sam vendor
Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 ...
CVE-2019-13549HIGH7.5ten sam vendor
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentic...