Vulnerabilities > Sauter Controls > EY As525F001 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-27 | CVE-2023-22300 | Cross-site Scripting vulnerability in Sauter-Controls Ey-As525F001 Firmware An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. | 6.1 |
| 2023-03-27 | CVE-2023-27927 | Cleartext Transmission of Sensitive Information vulnerability in Sauter-Controls Ey-As525F001 Firmware An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. | 6.5 |
| 2023-03-27 | CVE-2023-28650 | Cross-site Scripting vulnerability in Sauter-Controls Ey-As525F001 Firmware An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. | 6.1 |
| 2023-03-27 | CVE-2023-28652 | Unrestricted Upload of File with Dangerous Type vulnerability in Sauter-Controls Ey-As525F001 Firmware An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition. | 6.5 |
| 2023-03-27 | CVE-2023-28655 | Cross-site Scripting vulnerability in Sauter-Controls Ey-As525F001 Firmware A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users. | 5.4 |