Vulnerabilities > Contec > CPS Mc341 Adsc1 111 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-23575 Unspecified vulnerability in Contec products
Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product.
network
low complexity
contec
4.3
2023-04-11 CVE-2023-27389 Inadequate Encryption Strength vulnerability in Contec products
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code.
network
low complexity
contec CWE-326
7.2
2023-04-11 CVE-2023-27917 OS Command Injection vulnerability in Contec products
OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege.
network
low complexity
contec CWE-78
8.8