cbcvebase.

Webhmi Firmware vulnerabilities

4 known vulnerabilities affecting webhmi/webhmi_firmware.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2021-43936P1CRITICALCVSS 9.8ExploitedPoCfixed in 4.12021-12-06
CVE-2021-43936 [CRITICAL] CWE-434 CVE-2021-43936: The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution.
nvd
CVE-2021-43931P3CRITICALCVSS 9.8fixed in 4.12021-12-06
CVE-2021-43931 [CRITICAL] CWE-287 CVE-2021-43931: The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be byp The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
nvd
CVE-2022-2253P3CRITICALCVSS 9.1≤ 4.1.1.76622022-07-01
CVE-2022-2253 [CRITICAL] CWE-78 CVE-2022-2253: A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS comm A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server.
nvd
CVE-2022-2254P4MEDIUMCVSS 4.8≤ 4.1.1.76622022-07-01
CVE-2022-2254 [MEDIUM] CWE-79 CVE-2022-2254: A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a scri A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users.
nvd
Webhmi Firmware vulnerabilities | cvebase