Vulnerabilities > Automationdirect > C More EA9 Pgmsw Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-31	CVE-2022-2005	Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. network low complexity automationdirect CWE-319	7.5
2022-08-31	CVE-2022-2006	Unspecified vulnerability in Automationdirect products AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. local low complexity automationdirect	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.