Search
Search Results (5 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-8072 | 1 Ingeteam | 1 Ingecon Sun Ems Board | 2026-05-12 | N/A |
| Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation. | ||||
| CVE-2023-3770 | 1 Ingeteam | 2 Ingepac Da3451, Ingepac Da3451 Firmware | 2024-11-21 | 5.3 Medium |
| Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication. | ||||
| CVE-2023-3769 | 1 Ingeteam | 2 Ingepac Fc5066, Ingepac Fc5066 Firmware | 2024-11-21 | 8.6 High |
| Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | ||||
| CVE-2023-3768 | 1 Ingeteam | 6 Ingepac Da3451, Ingepac Da3451 Firmware, Ingepac Ef Md and 3 more | 2024-11-21 | 8.6 High |
| Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | ||||
| CVE-2017-20007 | 1 Ingeteam | 2 Ingepac Da Au, Ingepac Da Au Firmware | 2024-11-21 | 5.3 Medium |
| Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device´s web service could exploit this vulnerability in order to obtain different configuration files. | ||||
Page 1 of 1.