Vulnerabilities > Enttec > Storm 24

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2019-12777 Incorrect Permission Assignment for Critical Resource vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
local
low complexity
enttec CWE-732
7.2
7.2
2019-06-07 CVE-2019-12776 Use of Hard-coded Credentials vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
network
low complexity
enttec CWE-798
critical
 10.0
10
2019-06-07 CVE-2019-12775 Improper Privilege Management vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
network
low complexity
enttec CWE-269
critical
 9.0
9.0
2019-06-07 CVE-2019-12774 Cross-site Scripting vulnerability in Enttec products
A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044_update_05032019-482 that could allow an unauthenticated threat actor to inject malicious code directly into the application.
network
enttec CWE-79
4.3
4.3