Vulnerabilities > Viessmann

DATE CVE VULNERABILITY TITLE RISK
2023-10-23 CVE-2023-5702 Forced Browsing vulnerability in Viessmann Vitogate 300 Firmware 2.1.3.0
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic.
low complexity
viessmann CWE-425
6.5
2023-10-14 CVE-2023-45852 Command Injection vulnerability in Viessmann Vitogate 300 Firmware 2.1.3.0
In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.
network
low complexity
viessmann CWE-77
critical
9.8
2023-09-27 CVE-2023-5222 Unspecified vulnerability in Viessmann Vitogate 300 Firmware 2.1.3.0
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0.
network
low complexity
viessmann
critical
9.8