cbcvebase.

Contec Cps-Mc341-A1-111 Firmware vulnerabilities

3 known vulnerabilities affecting contec/cps-mc341-a1-111_firmware.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-27917P2HIGHCVSS 8.8≤ 3.7.62023-04-11
CVE-2023-27917 [HIGH] CWE-78 CVE-2023-27917: OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated a OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS
nvd
CVE-2023-27389P3HIGHCVSS 7.2≤ 3.7.62023-04-11
CVE-2023-27389 [HIGH] CWE-326 CVE-2023-27389: Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authe Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. The affected products and versions are as follows: M2M
nvd
CVE-2023-23575P4MEDIUMCVSS 4.3≤ 3.7.62023-04-11
CVE-2023-23575 [MEDIUM] CWE-284 CVE-2023-23575: Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticate Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier
nvd
Contec Cps-Mc341-A1-111 Firmware vulnerabilities | cvebase