Vulnerabilities > Haascnc

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-28	CVE-2022-2474	Missing Authentication for Critical Function vulnerability in Haascnc Haas Controller Firmware 100.20.000.1110 Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands” service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the device. low complexity haascnc CWE-306	8.0
2022-10-28	CVE-2022-2475	Unspecified vulnerability in Haascnc Haas Controller Firmware 100.20.000.1110 Haas Controller version 100.20.000.1110 has insufficient granularity of access control when using the "Ethernet Q Commands" service. network low complexity haascnc	8.8
2022-10-28	CVE-2022-41636	Cleartext Transmission of Sensitive Information vulnerability in Haascnc Haas Controller 100.20.000.1110 Communication traffic involving "Ethernet Q Commands" service of Haas Controller version 100.20.000.1110 is transmitted in cleartext. network low complexity haascnc CWE-319	7.5

Vulnerabilities > Haascnc {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Haascnc"}]}