VYPR
High severity7.5NVD Advisory· Published May 31, 2019· Updated Jun 17, 2026

CVE-2019-9105

CVE-2019-9105

Description

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/REST_API.php?command=CallAPI&customurl=alladminusers call.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SAET Impianti Speciali/TEBE Smalldescription
  • SAET/TEBE Smallllm-create
    Range: 04.68 build 1137

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.