Vulnerabilities > Sewio

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-41989 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication.
network
low complexity
sewio
critical
9.8
2023-01-18 CVE-2022-43455 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software.
network
low complexity
sewio
6.5
2023-01-18 CVE-2022-43483 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software.
network
low complexity
sewio
7.2
2023-01-18 CVE-2022-45127 Cross-Site Request Forgery (CSRF) vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services.
network
low complexity
sewio CWE-352
8.1
2023-01-18 CVE-2022-45444 Use of Hard-coded Credentials vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database.
network
low complexity
sewio CWE-798
critical
9.8
2023-01-18 CVE-2022-46733 Cross-site Scripting vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services.
network
low complexity
sewio CWE-79
critical
9.6
2023-01-18 CVE-2022-47395 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services.
network
low complexity
sewio
8.1
2023-01-18 CVE-2022-47911 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software.
network
low complexity
sewio
7.2
2023-01-18 CVE-2022-47917 Unspecified vulnerability in Sewio Real-Time Location System Studio
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software.
network
low complexity
sewio
6.5