CVE-2024-2012

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-288
View all →

Vulnerability Description

vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker could use to allow unintended commands or code to be executed on the UNEM server allowing sensitive data to be read or modified or could cause other unintended behavior

Related Vulnerabilities

CVE-2017-5174

CRITICAL
CVSS:9.8(Critical)

An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architectur...

CWE-2882017

CVE-2017-9944

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticate...

CWE-2882017

CVE-2018-17918

CRITICAL
CVSS:9.8(Critical)

Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.

CWE-2882018

CVE-2018-4852

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mech...

CWE-2882018

CVE-2018-8859

CRITICAL
CVSS:9.8(Critical)

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specifi...

CWE-2882018

CVE-2019-18250

CRITICAL
CVSS:9.8(Critical)

In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authen...

CWE-2882019