VYPR

Time Provider 4100

by Microchip

CVEs (12)

  • CVE-2025-9497CriMar 28, 2026
    risk 0.64cvss 9.8epss 0.00

    Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0.

  • CVE-2024-43685CriOct 4, 2024
    risk 0.64cvss 9.8epss 0.00

    Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.

  • CVE-2024-9054HigOct 4, 2024
    risk 0.61cvss 8.8epss 0.15

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.This issue affects TimeProvider…

  • CVE-2024-43684HigOct 4, 2024
    risk 0.57cvss 8.8epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.

  • CVE-2024-7801MedOct 4, 2024
    risk 0.45cvss 6.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.

  • CVE-2024-43687MedOct 4, 2024
    risk 0.43cvss 6.1epss 0.01

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0 before 2.4.7.

  • CVE-2024-43686MedOct 4, 2024
    risk 0.41cvss 6.1epss 0.11

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.

  • CVE-2024-43683MedOct 4, 2024
    risk 0.40cvss 6.1epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0.

  • CVE-2025-47904Feb 24, 2026
    risk 0.00cvss epss 0.00

    Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.

  • CVE-2025-47902Oct 20, 2025
    risk 0.00cvss epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5.

  • CVE-2025-47901Oct 20, 2025
    risk 0.00cvss epss 0.02

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5.

  • CVE-2025-47900Oct 20, 2025
    risk 0.00cvss epss 0.02

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5.