Vulnerabilities (CVE)

Filtered by vendor Bab-technologie Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-28910	1 Bab-technologie	2 Eibport, Eibport Firmware	2021-09-20	5.0 MEDIUM	7.5 HIGH
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. It allow unauthenticated attackers to request to any internal and external server.
CVE-2021-28912	1 Bab-technologie	2 Eibport, Eibport Firmware	2021-09-20	9.0 HIGH	7.2 HIGH
BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access.
CVE-2020-24573	1 Bab-technologie	2 Eibport, Eibport Firmware	2020-11-24	5.0 MEDIUM	7.5 HIGH
BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled Resource Consumption) via requests to the lighttpd component.