Bab-technologie Eibport Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Bab-technologie Eibport Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-28911 — CVSS 9.8 (critical): BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data…
CVE-2021-28909 — CVSS 9.8 (critical): BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login service at…
CVE-2021-28913 — CVSS 9.8 (critical): BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so…
CVE-2020-24573 — CVSS 7.5 (high): BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled Resource Consumption) via requests to the…
CVE-2021-28910 — CVSS 7.5 (high): BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. It allow unauthenticated attackers to request to any…
CVE-2021-28912 — CVSS 7.2 (high): BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This…
CVE-2021-28914 — CVSS 6.5 (medium): BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the user to set a weak password because the strength is shown in configuration…