Vulnerabilities > Contec > CPS Mc341 DS2 911 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-27389 | Inadequate Encryption Strength vulnerability in Contec products Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. | 7.2 |
| 2023-04-11 | CVE-2023-27917 | OS Command Injection vulnerability in Contec products OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. | 8.8 |