Mobatime
Products
4- 5 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-12286 | Cri | 0.64 | 9.8 | 0.00 | Dec 10, 2024 | MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials. | ||
| CVE-2025-2407 | Cri | 0.60 | — | 0.00 | May 27, 2025 | Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5. | ||
| CVE-2023-3066 | 0.00 | — | 0.01 | Jun 5, 2023 | Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20. | |||
| CVE-2023-3065 | 0.00 | — | 0.01 | Jun 5, 2023 | Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20. | |||
| CVE-2023-3064 | 0.00 | — | 0.01 | Jun 5, 2023 | Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20. | |||
| CVE-2023-3033 | 0.00 | — | 0.01 | Jun 2, 2023 | Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22. | |||
| CVE-2023-3032 | 0.00 | — | 0.01 | Jun 2, 2023 | Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22. |
- risk 0.64cvss 9.8epss 0.00
MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials.
- risk 0.60cvss —epss 0.00
Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5.
- CVE-2023-3066Jun 5, 2023risk 0.00cvss —epss 0.01
Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20.
- CVE-2023-3065Jun 5, 2023risk 0.00cvss —epss 0.01
Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
- CVE-2023-3064Jun 5, 2023risk 0.00cvss —epss 0.01
Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
- CVE-2023-3033Jun 2, 2023risk 0.00cvss —epss 0.01
Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22.
- CVE-2023-3032Jun 2, 2023risk 0.00cvss —epss 0.01
Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22.