Vulnerabilities > Sewio
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-18 | CVE-2022-41989 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. | 9.8 |
2023-01-18 | CVE-2022-43455 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. | 6.5 |
2023-01-18 | CVE-2022-43483 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. | 7.2 |
2023-01-18 | CVE-2022-45127 | Cross-Site Request Forgery (CSRF) vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. | 8.1 |
2023-01-18 | CVE-2022-45444 | Use of Hard-coded Credentials vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. | 9.8 |
2023-01-18 | CVE-2022-46733 | Cross-site Scripting vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. | 9.6 |
2023-01-18 | CVE-2022-47395 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. | 8.1 |
2023-01-18 | CVE-2022-47911 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. | 7.2 |
2023-01-18 | CVE-2022-47917 | Unspecified vulnerability in Sewio Real-Time Location System Studio Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. | 6.5 |