Siemens

7kt Pac1260 Data Manager Firmware

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-41796

  • EPSS 0.09%
  • Published 08.04.2025 08:22:14
  • Last modified 23.09.2025 16:02:23

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices allows to change the login password without knowing the current password. In combination with a prepared CSRF attack (CVE-20...

6.5

CVE-2024-41795

  • EPSS 0.02%
  • Published 08.04.2025 08:22:12
  • Last modified 23.09.2025 16:06:17

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices is vulnerable to Cross-Site Request Forgery (CSRF) attacks. This could allow an unauthenticated attacker to change arbitrary...

9.8

CVE-2024-41794

Media report
  • EPSS 0.08%
  • Published 08.04.2025 08:22:11
  • Last modified 23.09.2025 16:13:18

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote atta...

7.5

CVE-2024-41793

  • EPSS 0.06%
  • Published 08.04.2025 08:22:09
  • Last modified 23.09.2025 16:20:08

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remot...

7.5

CVE-2024-41792

  • EPSS 0.13%
  • Published 08.04.2025 08:22:08
  • Last modified 23.09.2025 16:21:32

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices contains a path traversal vulnerability. This could allow an unauthenticated attacker it to access arbitrary files on the de...

6.5

CVE-2024-41791

  • EPSS 0.04%
  • Published 08.04.2025 08:22:05
  • Last modified 23.09.2025 16:23:13

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not authenticate report creation requests. This could allow an unauthenticated remote attacker to read or clear the log...

7.2

CVE-2024-41790

Media report
  • EPSS 0.17%
  • Published 08.04.2025 08:22:04
  • Last modified 23.09.2025 16:35:14

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execu...

7.2

CVE-2024-41789

Media report
  • EPSS 0.17%
  • Published 08.04.2025 08:22:02
  • Last modified 23.09.2025 16:37:39

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to exe...

7.2

CVE-2024-41788

Media report
  • EPSS 0.17%
  • Published 08.04.2025 08:22:00
  • Last modified 23.09.2025 16:38:22

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execut...