Vulnerabilities > Mitsubishielectric > Sw1Dnn Eipct BD Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-2060 Weak Password Requirements vulnerability in Mitsubishielectric products
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing.
network
low complexity
mitsubishielectric CWE-521
7.5
2023-06-02 CVE-2023-2061 Use of Hard-coded Credentials vulnerability in Mitsubishielectric products
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP.
network
low complexity
mitsubishielectric CWE-798
7.5
2023-06-02 CVE-2023-2063 Unrestricted Upload of File with Dangerous Type vulnerability in Mitsubishielectric products
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download.
network
low complexity
mitsubishielectric CWE-434
7.3