← Back

Single Connect

single_connect

Vendor: Krontech • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-0882
1Krontech
1Single Connect
Jun 1, 2026
Feb 17, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16.
CVE-2021-44795
1Krontech
1Single Connect
May 18, 2026
Jan 27, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui" module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation of this vulnerabi...Show more
Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui" module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation of this vulnerability might allow a remote attacker to delete permissions from other users without authenticating.Show less
CVE-2021-44794
1Krontech
1Single Connect
May 18, 2026
Jan 27, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerab...Show more
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.Show less
CVE-2021-44793
1Krontech
1Single Connect
May 18, 2026
Jan 27, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external f...Show more
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.Show less
CVE-2021-44792
1Krontech
1Single Connect
May 18, 2026
Jan 27, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Single Connect does not perform an authorization check when using the "log-monitor" module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this vulnerability might...Show more
Single Connect does not perform an authorization check when using the "log-monitor" module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.Show less