Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitsubishielectric smartrtu firmware vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-16060
Mitsubishi Electric SmartRTU devices allow remote malicious users to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
Mitsubishielectric Smartrtu Firmware -
6.1
CVSSv3
CVE-2018-16061
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php.
Mitsubishielectric Smartrtu Firmware -
9.8
CVSSv3
CVE-2019-14926
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Hard-coded SSH keys allow an malicious user to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on i...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
5.4
CVSSv3
CVE-2019-14928
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. A number of stored cross-site script (XSS) vulnerabilities allow an malicious user to inject malicious code directly into the application. An example in...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
9.8
CVSSv3
CVE-2019-14929
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Stored cleartext passwords could allow an unauthenticated malicious user to obtain configured username and password combinations on the RTU due to the w...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
6.5
CVSSv3
CVE-2019-14925
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. A world-readable /usr/smartrtu/init/settings.xml configuration file on the file system allows an malicious user to read sensitive configuration settings...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
7.5
CVSSv3
CVE-2019-14927
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. An unauthenticated remote configuration download vulnerability allows an malicious user to download the smartRTU's configuration file (which contai...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2019-14931
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. An unauthenticated remote OS Command Injection vulnerability allows an malicious user to execute arbitrary commands on the RTU due to the passing of uns...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2019-14930
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an malicious user to gain unauthorised access to the RTU. (...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started