Vulnerabilities: Cross-site Request Forgery, Improper Authentication
The following versions of JTC-200, a TCP/IP converter, are affected:
Successful exploitation of these vulnerabilities
could allow for remote code execution on the device with elevated privileges.
Read on for details.
SenNet Data Logger appliances and Electricity Meters Multiple Vulnerabilities
SenNet is a trademark of Satel Spain that offers monitoring and remote-control solutions for businesses. Our engineers develop, integrate and test the products of SenNet in our facilities in Madrid (Spain).
1. No access control on the remote shell
2. Shell services running with excessive privileges (superuser)
3. OS Command Injection
4. Insecure Transport
Read on for poc.