Vulnerabilities > Contec > CPS Mcs341G5 DS1 130 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-23575 | Unspecified vulnerability in Contec products Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. | 4.3 |
| 2023-04-11 | CVE-2023-27389 | Inadequate Encryption Strength vulnerability in Contec products Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. | 7.2 |
| 2023-04-11 | CVE-2023-27917 | OS Command Injection vulnerability in Contec products OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. | 8.8 |