An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Feb 2023, 19:48
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Carel pcoweb Card Web
Carel Carel pcoweb Card Bios Carel pcoweb Card Boot |
|
CPE | cpe:2.3:o:carel:pcoweb_card_bios:6.27:*:*:*:*:*:*:* cpe:2.3:o:carel:pcoweb_card_boot:5.00:*:*:*:*:*:*:* cpe:2.3:a:carel:pcoweb_card_web:2.2:*:*:*:*:*:*:* |
|
References | (MISC) https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.md - Third Party Advisory | |
References | (MISC) https://medium.com/@SergiuSechel/insecure-permissions-in-rehau-group-unlimited-polymer-solutions-implementation-of-carel-pcoweb-514c148ae694 - Exploit, Third Party Advisory | |
CWE | CWE-281 |
26 Jan 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-26 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2020-18329
Mitre link : CVE-2020-18329
CVE.ORG link : CVE-2020-18329
JSON object : View
Products Affected
carel
- pcoweb_card_web
- pcoweb_card_boot
- pcoweb_card_bios
CWE
CWE-281
Improper Preservation of Permissions