Kieback Peter Ddc4002 vulnerabilities
4 known vulnerabilities affecting kieback_peter/ddc4002.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-43698P2CRITICALCVSS 9.8≤ 1.12.142024-10-22
CVE-2024-43698 [CRITICAL] CWE-1391 CVE-2024-43698: Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker
Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.
nvd
CVE-2024-41717P2CRITICALCVSS 9.8≤ 1.12.142024-10-22
CVE-2024-41717 [CRITICAL] CWE-22 CVE-2024-41717: Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system.
nvd
CVE-2024-43812P3HIGHCVSS 8.4≤ 1.12.142024-10-22
CVE-2024-43812 [HIGH] CWE-522 CVE-2024-43812: Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which ma
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system.
nvd
CVE-2026-4293P4MEDIUMCVSS 5.3≤ 1.12.142026-05-20
CVE-2026-4293 [MEDIUM] CWE-79 CVE-2026-4293: The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabli
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser.
nvd