Vulnerabilities > Piigab

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-07	CVE-2023-32652	Cross-site Scripting vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks. network low complexity piigab CWE-79	6.1
2023-07-07	CVE-2023-34433	Use of Password Hash With Insufficient Computational Effort vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus stores passwords using a weak hash algorithm. network low complexity piigab CWE-916 critical	9.8
2023-07-07	CVE-2023-34995	Weak Password Requirements vulnerability in Piigab M-Bus 900S Firmware There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. network low complexity piigab CWE-521 critical	9.8
2023-07-07	CVE-2023-35120	Cross-Site Request Forgery (CSRF) vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus is vulnerable to cross-site request forgery. network low complexity piigab CWE-352	8.8
2023-07-07	CVE-2023-35765	Unprotected Storage of Credentials vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials. network low complexity piigab CWE-256	6.5
2023-07-06	CVE-2023-31277	Unprotected Transport of Credentials vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus transmits credentials in plaintext format. network low complexity piigab CWE-523	7.5
2023-07-06	CVE-2023-33868	Improper Restriction of Excessive Authentication Attempts vulnerability in Piigab M-Bus 900S Firmware The number of login attempts is not limited. network low complexity piigab CWE-307 critical	9.8
2023-07-06	CVE-2023-35987	Use of Hard-coded Credentials vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus contains hard-coded credentials which it uses for authentication. network low complexity piigab CWE-798 critical	9.8
2023-07-06	CVE-2023-36859	Code Injection vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands. network low complexity piigab CWE-94 critical	9.8

Vulnerabilities > Piigab {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Piigab"}]}

Vulnerabilities > Piigab