VYPR

Conext ComBox

by Schneider Electric

CVEs (4)

  • CVE-2017-6019HigApr 7, 2017
    risk 0.55cvss 7.5epss 0.37

    An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.

  • CVE-2022-32515Jan 30, 2023
    risk 0.00cvss epss 0.01

    A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over the admin account when the product does not implement a rate limit mechanism on the admin authentication form. Affected Products: Conext™…

  • CVE-2022-32516Jan 30, 2023
    risk 0.00cvss epss 0.00

    A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could cause system’s configurations override and cause a reboot loop when the product suffers from POST-Based Cross-Site Request Forgery (CSRF). Affected Products: Conext™ ComBox (All Versions)

  • CVE-2022-32517Jan 30, 2023
    risk 0.00cvss epss 0.00

    A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to…