Sewio

Real-time Location System Studio

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2022-47911

  • EPSS 0.72%
  • Veröffentlicht 18.01.2023 01:15:13
  • Zuletzt bearbeitet 21.11.2024 07:32:31

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions ...

6.5

CVE-2022-47917

  • EPSS 0.23%
  • Veröffentlicht 18.01.2023 01:15:13
  • Zuletzt bearbeitet 21.11.2024 07:32:31

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary...

6.5

CVE-2022-43455

  • EPSS 0.22%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:26:31

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. This could allow...

7.2

CVE-2022-43483

  • EPSS 0.72%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:26:34

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions...

8.1

CVE-2022-45127

  • EPSS 0.08%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:28:48

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup ope...

9.8

CVE-2022-45444

  • EPSS 0.57%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:29:16

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricte...

9.6

CVE-2022-46733

  • EPSS 0.42%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:30:59

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands.

8.1

CVE-2022-47395

  • EPSS 0.08%
  • Veröffentlicht 18.01.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:31:53

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenan...

9.8

CVE-2022-41989

  • EPSS 0.67%
  • Veröffentlicht 18.01.2023 01:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:13

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an ou...