Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2023-5702
- EPSS 35.45%
- Veröffentlicht 23.10.2023 01:15:07
- Zuletzt bearbeitet 21.11.2024 08:42:18
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to t...
9.8
CVE-2023-45852
- EPSS 93.59%
- Veröffentlicht 14.10.2023 02:15:09
- Zuletzt bearbeitet 21.11.2024 08:27:29
In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.
9.8
CVE-2023-5222
- EPSS 89.71%
- Veröffentlicht 27.09.2023 15:19:43
- Zuletzt bearbeitet 21.11.2024 08:41:19
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This vulnerability affects the function isValidUser of the file /cgi-bin/vitogate.cgi of the component Web Management Interface. The manipulation leads to use o...
1