5 vulnerabilities by Welotec
CVE-2025-41714 (GCVE-0-2025-41714)
Vulnerability from cvelistv5 – Published: 2025-09-10 06:48 – Updated: 2025-09-10 19:27
Summary
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write and may be leveraged to achieve remote code execution.
Severity ?
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Welotec | SmartEMS Web Application | Affected: v0.0.0 , < v3.3.6 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T19:27:37.674885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T19:27:45.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SmartEMS Web Application",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v3.3.6",
"status": "affected",
"version": "v0.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The upload endpoint insufficiently validates the \u0027Upload-Key\u0027 request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write and may be leveraged to achieve remote code execution."
}
],
"value": "The upload endpoint insufficiently validates the \u0027Upload-Key\u0027 request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write and may be leveraged to achieve remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T06:48:10.130Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-085"
}
],
"source": {
"advisory": "VDE-2025-085",
"defect": [
"CERT@VDE#641856"
],
"discovery": "UNKNOWN"
},
"title": "Path Traversal via \u0027Upload-Key\u0027 in SmartEMS Upload Handling",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41714",
"datePublished": "2025-09-10T06:48:10.130Z",
"dateReserved": "2025-04-16T11:17:48.311Z",
"dateUpdated": "2025-09-10T19:27:45.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41702 (GCVE-0-2025-41702)
Vulnerability from cvelistv5 – Published: 2025-08-26 06:10 – Updated: 2025-08-26 19:39
Summary
The JWT secret key is embedded in the egOS WebGUI backend and is readable by the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of a hard-coded cryptographic key.
Severity ?
9.8 (Critical)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Welotec | EG400Mk2-D11001-000101 | Affected: 0.0.0 , < v1.7.7 (semver); Affected: v1.8.0 , < v1.8.2 (semver) |

Note: this table shows only the first affected product; the record below lists the others. Several of those entries give `lessThan` as "<v1.7.7" instead of "v1.7.7", which looks like a stray "<" in the source record. Version-matching tools may not parse that bound, so check those products against v1.7.7 by hand.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41702",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T19:37:50.695357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T19:39:00.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EG400Mk2-D11001-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG400Mk2-D11101-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG503W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG503L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG503W_4GB",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG503L_4GB",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG503L-G",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-A11101-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-A11001-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-B11101-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-B11001-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-C11101-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-C11001-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-A12011-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-A11001-000201",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG500Mk2-A21101-000101",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG602W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG602L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG603W Mk2",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG603L Mk2",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG802W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG804W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG802W_i7_512GB_DinRail",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG802W_i7_512GB_w/o DinRail",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG804W Pro",
"vendor": "Welotec",
"versions": [
{
"lessThan": "\u003cv1.7.7",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
},
{
"lessThan": "v1.8.2",
"status": "affected",
"version": "v1.8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.\u003cbr\u003e"
}
],
"value": "The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T06:10:57.464Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-076"
}
],
"source": {
"advisory": "VDE-2025-076",
"defect": [
"CERT@VDE#641843"
],
"discovery": "UNKNOWN"
},
"title": "egOS WebGUI Hard-Coded JWT Secret Enables Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41702",
"datePublished": "2025-08-26T06:10:57.464Z",
"dateReserved": "2025-04-16T11:17:48.310Z",
"dateUpdated": "2025-08-26T19:39:00.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3911 (GCVE-0-2024-3911)
Vulnerability from cvelistv5 – Published: 2024-04-23 12:14 – Updated: 2025-08-27 21:23
Summary
An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames.
Severity ?
6.5 (Medium)
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Welotec | SMART EMS | Affected: 0 , < 3.1.4 (semver) |

Note: this table shows only the first affected product; the record below also lists VPN Security Suite with the same version range.
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"id": "CVE-2024-3911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T18:24:02.430325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:23:00.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SMART EMS",
"vendor": "Welotec",
"versions": [
{
"lessThan": "3.1.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VPN Security Suite",
"vendor": "Welotec",
"versions": [
{
"lessThan": "3.1.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can\u0026nbsp;deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can\u00a0deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames.\u00a0\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-23T12:14:29.188Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-023"
}
],
"source": {
"advisory": "VDE-2024-023",
"defect": [
"CERT@VDE#641623"
],
"discovery": "UNKNOWN"
},
"title": "Welotec: Clickjacking Vulnerability in WebUI",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-3911",
"datePublished": "2024-04-23T12:14:29.188Z",
"dateReserved": "2024-04-17T06:43:32.237Z",
"dateUpdated": "2025-08-27T21:23:00.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1083 (GCVE-0-2023-1083)
Vulnerability from cvelistv5 – Published: 2024-04-09 08:25 – Updated: 2024-10-02 05:26
Summary
An unauthenticated remote attacker who is aware of an MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Welotec | TK515L | Affected: 0 , < v2.3.0.r5542 (semver) |

Note: this table shows only the first affected product; the record below lists the other TK515, TK525 and TK535 variants with the same version bound.
Credits
BSI
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:welotec:tk515l:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tk515l",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:welotec:tk525l:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tk525l",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:welotec:tk525u:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tk525u",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:welotec:tk525w:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tk525w",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:welotec:tk535l1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tk535l1",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:27:15.755861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T18:59:22.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TK515L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1 Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "BSI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker who is aware of a\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMQTT \u003c/span\u003e topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker who is aware of a\u00a0MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T05:26:02.183Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-009"
}
],
"source": {
"advisory": "VDE-2024-009",
"defect": [
"CERT@VDE#64405"
],
"discovery": "UNKNOWN"
},
"title": "Welotec: improper access control in TK500v1 router series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-1083",
"datePublished": "2024-04-09T08:25:46.915Z",
"dateReserved": "2023-02-28T08:11:19.318Z",
"dateUpdated": "2024-10-02T05:26:02.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1082 (GCVE-0-2023-1082)
Vulnerability from cvelistv5 – Published: 2024-04-09 08:25 – Updated: 2024-08-21 14:01
Summary
A remote attacker with low privileges can perform a command injection which can lead to root access.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Welotec | TK515L | Affected: 0 , < v2.3.0.r5542 (semver) |

Note: this table shows only the first affected product; the record below lists the other TK515, TK525 and TK535 variants with the same version bound.
Credits
BSI
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-009"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:welotec:tk515l:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk515l_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk515l-w:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk515l-w_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525l:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525l_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525l-w:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525l-w_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525u:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525u_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525w:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk525w_set:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk535l1:*:*:*:*:*:*:*:*",
"cpe:2.3:h:welotec:tk535l1_set:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "tk535l1_set",
"vendor": "welotec",
"versions": [
{
"lessThan": "2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T13:52:38.459999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T14:01:54.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TK515L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1 Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "BSI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An remote attacker with low privileges can perform a command injection which can lead to root access."
}
],
"value": "An remote attacker with low privileges can perform a command injection which can lead to root access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T08:25:34.716Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-009"
}
],
"source": {
"advisory": "VDE-2024-009",
"defect": [
"CERT@VDE#64405"
],
"discovery": "UNKNOWN"
},
"title": "Welotec: Command injection vulnerability in TK500v1 router series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-1082",
"datePublished": "2024-04-09T08:25:34.716Z",
"dateReserved": "2023-02-28T08:11:17.763Z",
"dateUpdated": "2024-08-21T14:01:54.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}