Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitsubishielectric smartrtu firmware vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2019-14931
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. An unauthenticated remote OS Command Injection vulnerability allows an malicious user to execute arbitrary commands on the RTU due to the passing of uns...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
1 EDB exploit
890
VMScore
CVE-2019-14930
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an malicious user to gain unauthorised access to the RTU. (...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
668
VMScore
CVE-2019-14926
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Hard-coded SSH keys allow an malicious user to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on i...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
505
VMScore
CVE-2019-14927
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. An unauthenticated remote configuration download vulnerability allows an malicious user to download the smartRTU's configuration file (which contai...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
1 EDB exploit
445
VMScore
CVE-2018-16060
Mitsubishi Electric SmartRTU devices allow remote malicious users to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
Mitsubishielectric Smartrtu Firmware -
445
VMScore
CVE-2019-14929
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. Stored cleartext passwords could allow an unauthenticated malicious user to obtain configured username and password combinations on the RTU due to the w...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
383
VMScore
CVE-2018-16061
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php.
Mitsubishielectric Smartrtu Firmware -
356
VMScore
CVE-2019-14925
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. A world-readable /usr/smartrtu/init/settings.xml configuration file on the file system allows an malicious user to read sensitive configuration settings...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
312
VMScore
CVE-2019-14928
An issue exists on Mitsubishi Electric ME-RTU devices up to and including 2.02 and INEA ME-RTU devices up to and including 3.0. A number of stored cross-site script (XSS) vulnerabilities allow an malicious user to inject malicious code directly into the application. An example in...
Mitsubishielectric Smartrtu Firmware
Inea Me-rtu Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started