Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for axm-net by accuenergy

    VAR-201411-0076

    Vulnerability from variot - Updated: 2025-10-14 23:25

    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II for AXN-NET Ethernet Run on module accessories Web server Contains a vulnerability that prevents authentication and changes its settings.Unspecified by a third party URL Authentication may be bypassed and settings may be changed via direct requests to. Accuenergy Acuvim II is prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. AXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0076",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "axm-net",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "accuenergy",
            "version": "3.04"
          },
          {
            "model": "acuvim ii",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "accuenergy",
            "version": null
          },
          {
            "model": "acuvim ii",
            "scope": null,
            "trust": 0.8,
            "vendor": "accuenergy",
            "version": null
          },
          {
            "model": "axn-net",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "accuenergy",
            "version": "3.04"
          },
          {
            "model": "axn-net ethernet module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "accuenergy",
            "version": "3.04"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:accuenergy:acuvim_ii",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:accuenergy:axm-net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Laisvis Lingvevicius",
        "sources": [
          {
            "db": "BID",
            "id": "70852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2014-2373",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-2373",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 2.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-2373",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-2373",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-2373",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201411-006",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II for AXN-NET Ethernet Run on module accessories Web server Contains a vulnerability that prevents authentication and changes its settings.Unspecified by a third party URL Authentication may be bypassed and settings may be changed via direct requests to. Accuenergy Acuvim II is prone to a remote authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. \nAXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "BID",
            "id": "70852"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-14-275-02",
            "trust": 2.7
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "70852",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "id": "VAR-201411-0076",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.30555555
      },
      "last_update_date": "2025-10-14T23:25:11.038000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Release Notes",
            "trust": 0.8,
            "url": "http://www.accuenergy.com/firmware-update-axm-net"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-602",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-275-02"
          },
          {
            "trust": 1.6,
            "url": "http://www.accuenergy.com/firmware-update-axm-net"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2373"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2373"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/70852"
          },
          {
            "trust": 0.3,
            "url": "http://www.accuenergy.com/acuvim-ii-series-multifunction-power-meter"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "70852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-30T00:00:00",
            "db": "BID",
            "id": "70852"
          },
          {
            "date": "2014-10-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "date": "2014-11-05T11:55:04.637000",
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-30T00:00:00",
            "db": "BID",
            "id": "70852"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          },
          {
            "date": "2025-10-13T23:15:34.490000",
            "db": "NVD",
            "id": "CVE-2014-2373"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Accuenergy Acuvim II for  AXN-NET Ethernet Run on module accessories  Web server Vulnerabilities that bypass authentication",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005229"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-006"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201411-0077

    Vulnerability from variot - Updated: 2025-10-14 23:25

    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to potentially sensitive information.This may lead to further attacks. AXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0077",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "axm-net",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "accuenergy",
            "version": "3.04"
          },
          {
            "model": "acuvim ii",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "accuenergy",
            "version": null
          },
          {
            "model": "acuvim ii",
            "scope": null,
            "trust": 0.8,
            "vendor": "accuenergy",
            "version": null
          },
          {
            "model": "axn-net",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "accuenergy",
            "version": "3.04"
          },
          {
            "model": "axn-net ethernet module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "accuenergy",
            "version": "3.04"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:accuenergy:acuvim_ii",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:accuenergy:axm-net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Laisvis Lingvevicius",
        "sources": [
          {
            "db": "BID",
            "id": "70853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2014-2374",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-2374",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 2.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-2374",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-2374",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-2374",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201411-007",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II is prone to a remote security-bypass vulnerability. \nAn attacker can exploit this issue to bypass  certain security restrictions and gain access to potentially sensitive  information.This may lead to further attacks. \nAXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "BID",
            "id": "70853"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-14-275-02",
            "trust": 2.7
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "70853",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "id": "VAR-201411-0077",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.30555555
      },
      "last_update_date": "2025-10-14T23:25:11.008000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Release Notes",
            "trust": 0.8,
            "url": "http://www.accuenergy.com/firmware-update-axm-net"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-602",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-275-02"
          },
          {
            "trust": 1.6,
            "url": "http://www.accuenergy.com/firmware-update-axm-net"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2374"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2374"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/70853"
          },
          {
            "trust": 0.3,
            "url": "http://www.accuenergy.com/acuvim-ii-series-multifunction-power-meter"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "70853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-30T00:00:00",
            "db": "BID",
            "id": "70853"
          },
          {
            "date": "2014-10-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "date": "2014-11-05T11:55:04.683000",
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-30T00:00:00",
            "db": "BID",
            "id": "70853"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          },
          {
            "date": "2025-10-13T23:15:34.700000",
            "db": "NVD",
            "id": "CVE-2014-2374"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Accuenergy Acuvim II for  AXN-NET Ethernet Module accessory vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005230"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-007"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2014-2374 (GCVE-0-2014-2374)

    Vulnerability from nvd – Published: 2014-11-05 11:00 – Updated: 2025-10-13 22:40
    VLAI
    Title
    Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security
    Summary
    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Date Public
    2014-10-30 06:00
    Credits
    Laisvis Lingvevicius
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:25.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.accuenergy.com/firmware-update-axm-net"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Accuenergy Acuvim II AXN-NET Ethernet module",
              "vendor": "Accuenergy",
              "versions": [
                {
                  "status": "affected",
                  "version": "v.3.04"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Laisvis Lingvevicius"
            }
          ],
          "datePublic": "2014-10-30T06:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nThe AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.\n\n\u003c/p\u003e"
                }
              ],
              "value": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript."
            }
          ],
          "metrics": [
            {
              "cvssV2_0": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-13T22:40:16.562Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.accuenergy.com/firmware-update-axm-net"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAccuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.accuenergy.com/firmware-update-axm-net\"\u003ehttp://www.accuenergy.com/firmware-update-axm-net\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "Accuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u00a0 http://www.accuenergy.com/firmware-update-axm-net"
            }
          ],
          "source": {
            "advisory": "ICSA-14-275-02",
            "discovery": "EXTERNAL"
          },
          "title": "Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2014-2373",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.accuenergy.com/firmware-update-axm-net",
                  "refsource": "CONFIRM",
                  "url": "http://www.accuenergy.com/firmware-update-axm-net"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2014-2374",
        "datePublished": "2014-11-05T11:00:00.000Z",
        "dateReserved": "2014-03-13T00:00:00.000Z",
        "dateUpdated": "2025-10-13T22:40:16.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2373 (GCVE-0-2014-2373)

    Vulnerability from nvd – Published: 2014-11-05 11:00 – Updated: 2025-10-13 22:39
    VLAI
    Title
    Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security
    Summary
    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Date Public
    2014-10-30 06:00
    Credits
    Laisvis Lingvevicius
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:25.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.accuenergy.com/firmware-update-axm-net"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Accuenergy Acuvim II AXN-NET Ethernet module",
              "vendor": "Accuenergy",
              "versions": [
                {
                  "status": "affected",
                  "version": "v.3.04"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Laisvis Lingvevicius"
            }
          ],
          "datePublic": "2014-10-30T06:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nThe AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.\n\n\u003c/p\u003e"
                }
              ],
              "value": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript."
            }
          ],
          "metrics": [
            {
              "cvssV2_0": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-13T22:39:34.813Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.accuenergy.com/firmware-update-axm-net"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAccuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.accuenergy.com/firmware-update-axm-net\"\u003ehttp://www.accuenergy.com/firmware-update-axm-net\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "Accuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u00a0 http://www.accuenergy.com/firmware-update-axm-net"
            }
          ],
          "source": {
            "advisory": "ICSA-14-275-02",
            "discovery": "EXTERNAL"
          },
          "title": "Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2014-2373",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.accuenergy.com/firmware-update-axm-net",
                  "refsource": "CONFIRM",
                  "url": "http://www.accuenergy.com/firmware-update-axm-net"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2014-2373",
        "datePublished": "2014-11-05T11:00:00.000Z",
        "dateReserved": "2014-03-13T00:00:00.000Z",
        "dateUpdated": "2025-10-13T22:39:34.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2374 (GCVE-0-2014-2374)

    Vulnerability from cvelistv5 – Published: 2014-11-05 11:00 – Updated: 2025-10-13 22:40
    VLAI
    Title
    Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security
    Summary
    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Date Public
    2014-10-30 06:00
    Credits
    Laisvis Lingvevicius
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:25.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.accuenergy.com/firmware-update-axm-net"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Accuenergy Acuvim II AXN-NET Ethernet module",
              "vendor": "Accuenergy",
              "versions": [
                {
                  "status": "affected",
                  "version": "v.3.04"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Laisvis Lingvevicius"
            }
          ],
          "datePublic": "2014-10-30T06:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nThe AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.\n\n\u003c/p\u003e"
                }
              ],
              "value": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript."
            }
          ],
          "metrics": [
            {
              "cvssV2_0": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-13T22:40:16.562Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.accuenergy.com/firmware-update-axm-net"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAccuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.accuenergy.com/firmware-update-axm-net\"\u003ehttp://www.accuenergy.com/firmware-update-axm-net\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "Accuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u00a0 http://www.accuenergy.com/firmware-update-axm-net"
            }
          ],
          "source": {
            "advisory": "ICSA-14-275-02",
            "discovery": "EXTERNAL"
          },
          "title": "Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2014-2373",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.accuenergy.com/firmware-update-axm-net",
                  "refsource": "CONFIRM",
                  "url": "http://www.accuenergy.com/firmware-update-axm-net"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2014-2374",
        "datePublished": "2014-11-05T11:00:00.000Z",
        "dateReserved": "2014-03-13T00:00:00.000Z",
        "dateUpdated": "2025-10-13T22:40:16.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2373 (GCVE-0-2014-2373)

    Vulnerability from cvelistv5 – Published: 2014-11-05 11:00 – Updated: 2025-10-13 22:39
    VLAI
    Title
    Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security
    Summary
    The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Date Public
    2014-10-30 06:00
    Credits
    Laisvis Lingvevicius
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:25.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.accuenergy.com/firmware-update-axm-net"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Accuenergy Acuvim II AXN-NET Ethernet module",
              "vendor": "Accuenergy",
              "versions": [
                {
                  "status": "affected",
                  "version": "v.3.04"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Laisvis Lingvevicius"
            }
          ],
          "datePublic": "2014-10-30T06:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nThe AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.\n\n\u003c/p\u003e"
                }
              ],
              "value": "The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript."
            }
          ],
          "metrics": [
            {
              "cvssV2_0": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-13T22:39:34.813Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.accuenergy.com/firmware-update-axm-net"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-275-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAccuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.accuenergy.com/firmware-update-axm-net\"\u003ehttp://www.accuenergy.com/firmware-update-axm-net\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "Accuenergy has produced a patch to mitigate these vulnerabilities. The patch can be downloaded at the following location:\u00a0 http://www.accuenergy.com/firmware-update-axm-net"
            }
          ],
          "source": {
            "advisory": "ICSA-14-275-02",
            "discovery": "EXTERNAL"
          },
          "title": "Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2014-2373",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.accuenergy.com/firmware-update-axm-net",
                  "refsource": "CONFIRM",
                  "url": "http://www.accuenergy.com/firmware-update-axm-net"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-275-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2014-2373",
        "datePublished": "2014-11-05T11:00:00.000Z",
        "dateReserved": "2014-03-13T00:00:00.000Z",
        "dateUpdated": "2025-10-13T22:39:34.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }