CVE-2021-27426

CRITICAL Year: 2021
CVSS v3 Score
9.8
Critical
CVSS v2 Score
7.5
High
Weakness Type
CWE-453
View all →

Vulnerability Description

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.

Related Vulnerabilities

CVE-2025-47945

CRITICAL
CVSS:9.1(Critical)

Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. Whil...

CWE-4532025

CVE-2022-47194

CRITICAL
CVSS:9.0(Critical)

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript...

CWE-4532022

CVE-2022-47195

CRITICAL
CVSS:9.0(Critical)

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript...

CWE-4532022

CVE-2022-47196

CRITICAL
CVSS:9.0(Critical)

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript...

CWE-4532022

CVE-2022-47197

CRITICAL
CVSS:9.0(Critical)

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript...

CWE-4532022