Vulnerabilities > Enbw > Senec Storage BOX Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-39169 | Use of Hard-coded Credentials vulnerability in Enbw Senec Storage BOX Firmware The affected devices use publicly available default credentials with administrative privileges. | 9.8 |
| 2023-12-07 | CVE-2023-39171 | Exposure of Resource to Wrong Sphere vulnerability in Enbw Senec Storage BOX Firmware 20230619 SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials. | 7.2 |
| 2023-12-07 | CVE-2023-39167 | Missing Authorization vulnerability in Enbw Senec Storage BOX Firmware 20230619 In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data. | 7.5 |
| 2023-12-07 | CVE-2023-39172 | Cleartext Transmission of Sensitive Information vulnerability in Enbw Senec Storage BOX Firmware The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic. | 9.1 |