VYPR

MS3000

by GE Grid Solutions

CVEs (2)

  • CVE-2022-43977CriJan 17, 2023
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control.

  • CVE-2022-43975HigJan 17, 2023
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerability in the web server allows arbitrary files and configurations to be read via directory traversal over TCP port 8888.