Vulnerabilities > Schrack

DATE	CVE	VULNERABILITY TITLE	RISK
2014-10-20	CVE-2014-8329	Improper Authentication vulnerability in Schrack products Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt. network low complexity schrack CWE-287 critical	10.0
2014-08-22	CVE-2014-5396	Unspecified vulnerability in Schrack products The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors. network low complexity schrack	7.5
2014-08-20	CVE-2014-5382	Cross-Site Scripting vulnerability in Schrack products Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors. network schrack CWE-79	4.3

Vulnerabilities > Schrack {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Schrack"}]}