Vulnerabilities > Piigab > M BUS 900S Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-07 CVE-2023-34995 Unspecified vulnerability in Piigab M-Bus 900S Firmware
There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines.
network
low complexity
piigab
critical
 9.8
9.8
2023-07-07 CVE-2023-34433 Unspecified vulnerability in Piigab M-Bus 900S Firmware
PiiGAB M-Bus stores passwords using a weak hash algorithm.
network
low complexity
piigab
critical
 9.8
9.8
2023-07-06 CVE-2023-36859 Code Injection vulnerability in Piigab M-Bus 900S Firmware
PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.
network
low complexity
piigab CWE-94
critical
 9.8
9.8
2023-07-06 CVE-2023-35987 Unspecified vulnerability in Piigab M-Bus 900S Firmware
PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.
network
low complexity
piigab
critical
 9.8
9.8
2023-07-06 CVE-2023-33868 Unspecified vulnerability in Piigab M-Bus 900S Firmware
The number of login attempts is not limited.
network
low complexity
piigab
critical
 9.8
9.8