VYPR

Ion8650

by Schneider Electric

CVEs (4)

  • CVE-2016-5815CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. No authentication is configured by default. An unauthorized user can access the device management portal…

  • CVE-2016-5809HigFeb 13, 2017
    risk 0.60cvss 8.8epss 0.02

    An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. There is no CSRF Token generated to authenticate the user during a session. Successful exploitation of…

  • CVE-2023-5985Nov 15, 2023
    risk 0.00cvss epss 0.00

    A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that could cause compromise of a user’s browser when an attacker with admin privileges has modified system values.

  • CVE-2023-5984Nov 15, 2023
    risk 0.00cvss epss 0.00

    A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device.