CVE-2024-22813

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.

Related Vulnerabilities

CVE-2020-10206

MEDIUM
CVSS:4.4(Medium)

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact wi...

CWE-7982020

CVE-2024-39582

MEDIUM
CVSS:4.4(Medium)

Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Inf...

CWE-7982024

CVE-2019-12376

MEDIUM
CVSS:4.5(Medium)

Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user wit...

CWE-7982019

CVE-2021-42892

MEDIUM
CVSS:4.3(Medium)

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.

CWE-7982021

CVE-2023-29064

MEDIUM
CVSS:4.3(Medium)

The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative a...

CWE-7982023

CVE-2023-45194

MEDIUM
CVSS:4.3(Medium)

Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated a...

CWE-7982023