CMC III
by Rittal
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40222 | 0.01 | — | 0.05 | Sep 9, 2021 | Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web… | |||
| CVE-2022-40633 | 0.00 | — | 0.00 | Mar 2, 2023 | A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks. | |||
| CVE-2019-19393 | 0.00 | — | 0.01 | Oct 1, 2020 | The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other… |
- CVE-2021-40222Sep 9, 2021risk 0.01cvss —epss 0.05
Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web…
- CVE-2022-40633Mar 2, 2023risk 0.00cvss —epss 0.00
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks.
- CVE-2019-19393Oct 1, 2020risk 0.00cvss —epss 0.01
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other…