Gira

gira

5 CVEs • 6 products

Products (6)

Click to collapse

Toggle

Tks Ip Gateway Firmware

tks-ip-gateway_firmware

Knx Ip Router Firmware

knx_ip_router_firmware

Gira Home Server Firmware

gira_home_server_firmware

Gira Home Server

gira_home_server

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-33276 1Gira 1Knx Ip Router Firmware Nov 21, 2024 Jun 30, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the r...Show more The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS).Show less
CVE-2023-33277 1Gira 1Knx Ip Router Firmware Nov 21, 2024 Jun 29, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL.
CVE-2023-2739 1Gira 1Gira Home Server Firmware Nov 21, 2024 May 16, 2023 N/A· v4 6.1 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27">...Show more A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27"><img%20src=x%20onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2020-10795 1Gira 1Tks Ip Gateway Firmware Nov 21, 2024 May 7, 2020 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.
CVE-2020-10794 1Gira 1Tks Ip Gateway Firmware Nov 21, 2024 May 7, 2020 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database. This can be combined with CVE-2020-10795 for remote root access.