Uwp 3.0 Monitoring Gateway And Controller Firmware

uwp_3.0_monitoring_gateway_and_controller_firmware

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-28816 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service.
CVE-2022-28815 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 2.7 LOW· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sen...Show more In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service.Show less
CVE-2022-28814 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gai...Show more Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device.Show less
CVE-2022-28813 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current...Show more In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device.Show less
CVE-2022-28812 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device.
CVE-2022-28811 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS co...Show more In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands.Show less
CVE-2022-22526 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API.
CVE-2022-22525 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an remote attacker with admin rights could execute arbitrary commands due to missing input sanitization in the backup restore function
CVE-2022-22524 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.4 CRITICAL· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop ser...Show more In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services .Show less
CVE-2022-22523 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised us...Show more An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled.Show less
CVE-2022-22522 1Gavazziautomation 2Cpy Car Park Server Uwp 3.0 Monitoring Gateway And Controller Firmware Nov 21, 2024 Sep 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device.