Search
Find a vulnerability
Search criteria
2 vulnerabilities found for genucenter by genua
CVE-2026-13211 (GCVE-0-2026-13211)
Vulnerability from nvd – Published: 2026-07-01 15:46 – Updated: 2026-07-01 17:47
VLAI
EPSS
VEX
Title
Genucenter Disclosure of SNMP Credentials
Summary
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.
Severity
4.3 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-201 - Insertion of sensitive information into sent data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/sbaresearch/advisories/tree/pu… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| genua | genucenter |
Affected:
8.0 , ≤ 8.0p10
(custom)
Unaffected: 8.0p11 , < 8.1 (custom) Unaffected: 8.6 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13211",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:47:05.251461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:47:08.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/sbaresearch/advisories/tree/public/2026/SBA-ADV-20260424-01_Genucenter_Disclosure_of_SNMP_Credentials"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "genucenter",
"vendor": "genua",
"versions": [
{
"lessThanOrEqual": "8.0p10",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1",
"status": "unaffected",
"version": "8.0p11",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andreas Boll (SBA Research)"
},
{
"lang": "en",
"type": "finder",
"value": "Lisa Gnedt (SBA Research)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the \u201cService\u201d or \u201cAdmin\u201d role."
}
],
"value": "The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the \u201cService\u201d or \u201cAdmin\u201d role."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201 Insertion of sensitive information into sent data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T15:46:25.174Z",
"orgId": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"shortName": "sba-research"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/sbaresearch/advisories/tree/public/2026/SBA-ADV-20260424-01_Genucenter_Disclosure_of_SNMP_Credentials"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Genucenter Disclosure of SNMP Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"assignerShortName": "sba-research",
"cveId": "CVE-2026-13211",
"datePublished": "2026-07-01T15:46:25.174Z",
"dateReserved": "2026-06-24T15:07:32.597Z",
"dateUpdated": "2026-07-01T17:47:08.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-13211 (GCVE-0-2026-13211)
Vulnerability from cvelistv5 – Published: 2026-07-01 15:46 – Updated: 2026-07-01 17:47
VLAI
EPSS
VEX
Title
Genucenter Disclosure of SNMP Credentials
Summary
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.
Severity
4.3 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-201 - Insertion of sensitive information into sent data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/sbaresearch/advisories/tree/pu… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| genua | genucenter |
Affected:
8.0 , ≤ 8.0p10
(custom)
Unaffected: 8.0p11 , < 8.1 (custom) Unaffected: 8.6 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13211",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:47:05.251461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:47:08.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/sbaresearch/advisories/tree/public/2026/SBA-ADV-20260424-01_Genucenter_Disclosure_of_SNMP_Credentials"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "genucenter",
"vendor": "genua",
"versions": [
{
"lessThanOrEqual": "8.0p10",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1",
"status": "unaffected",
"version": "8.0p11",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andreas Boll (SBA Research)"
},
{
"lang": "en",
"type": "finder",
"value": "Lisa Gnedt (SBA Research)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the \u201cService\u201d or \u201cAdmin\u201d role."
}
],
"value": "The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the \u201cService\u201d or \u201cAdmin\u201d role."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201 Insertion of sensitive information into sent data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T15:46:25.174Z",
"orgId": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"shortName": "sba-research"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/sbaresearch/advisories/tree/public/2026/SBA-ADV-20260424-01_Genucenter_Disclosure_of_SNMP_Credentials"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Genucenter Disclosure of SNMP Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"assignerShortName": "sba-research",
"cveId": "CVE-2026-13211",
"datePublished": "2026-07-01T15:46:25.174Z",
"dateReserved": "2026-06-24T15:07:32.597Z",
"dateUpdated": "2026-07-01T17:47:08.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}