cbcvebase.

Janitza Umg 96Rm-E 230V vulnerabilities

4 known vulnerabilities affecting janitza/umg_96rm-e_230v.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-41709P2CRITICALCVSS 9.8≥ 0.0, ≤ 3.132026-03-10
CVE-2025-41709 [CRITICAL] CWE-78 CVE-2025-41709: An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to g An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device.
nvd
CVE-2025-41710P3MEDIUMCVSS 6.5≥ 0.0, ≤ 3.132026-03-10
CVE-2025-41710 [MEDIUM] CWE-798 CVE-2025-41710: An unauthenticated remote attacker may use hardcodes credentials to get access to the previously act An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges.
nvd
CVE-2025-41712P3MEDIUMCVSS 6.5≥ 0.0, ≤ 3.132026-03-10
CVE-2025-41712 [MEDIUM] CWE-732 CVE-2025-41712: An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get acces An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get access to sensitive information on the device. This is a result of incorrect permission assignment for the web server.
nvd
CVE-2025-41711P4MEDIUMCVSS 5.3≥ 0.0, ≤ 3.132026-03-10
CVE-2025-41711 [MEDIUM] CWE-327 CVE-2025-41711: An unauthenticated remote attacker can use firmware images to extract password hashes and brute forc An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access.
nvd
Janitza Umg 96Rm-E 230V vulnerabilities | cvebase