Vulnerabilities > Miele

DATE CVE VULNERABILITY TITLE RISK
2022-11-21 CVE-2022-3589 Authorization Bypass Through User-Controlled Key vulnerability in Miele Appwash
An API endpoint used by Miele's "AppWash" mobile app, in all versions, was vulnerable to an authorization bypass.
network, low complexity, miele CWE-639, 8.1

2022-04-27 CVE-2022-22521 Incorrect Permission Assignment for Critical Resource vulnerability in Miele Benchmark Programming Tool 1.0.49/1.1.49/1.2.71
In Miele Benchmark Programming Tool versions prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with the user's privileges.
local, low complexity, miele CWE-732, 7.3

2020-02-24 CVE-2019-20481 Improper Authentication vulnerability in Miele XGW 3000 Zigbee Gateway Firmware
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password.
network, low complexity, miele CWE-287, critical, 9.8

2020-02-24 CVE-2019-20480 Cross-Site Request Forgery (CSRF) vulnerability in Miele XGW 3000 Zigbee Gateway Firmware
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user, or a malicious mail, can make arbitrary changes in the "admin panel" because there is no CSRF protection.
network, low complexity, miele CWE-352, 8.8