Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NKunbus Pr100088 Modbus Gateway
HWKunbuswszystkie wersjeKunbus Pr100088 Modbus Gateway Firmware
OSKunbus< r02
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2019-6527CRITICAL9.8ten sam produkt
PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to...
CVE-2019-6531HIGH8.1ten sam produkt
An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions ...
CVE-2019-6549HIGH7.2ten sam produkt
An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions pri...
CVE-2019-6529MEDIUM4.9ten sam produkt
An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior t...
CVE-2025-41646CRITICAL9.8PL ✓ten sam vendor
Obejście uwierzytelnienia w Kunbus RevPi Status poprzez błędną konwersję typów