The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information.
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function.
Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configura
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data.
An unauthenticated remote attacker can access a URL which causes the device to reboot.
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication.
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a speci
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.
An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication.
A remote unauthenticated attacker may be able to bypass authentication
by utilizing a specific API route to execute arbitrary OS commands.
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.
Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control commands through the mobile app service wich could rende
An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.
Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial de
Page 1+ Next →