Search
Find a vulnerability
Search criteria
10 vulnerabilities found for universal_multifunctional_electric_power_quality_meter_firmware by binom3
CVE-2017-5167 (GCVE-0-2017-5167)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter hardcoded passwords
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter hardcoded passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter hardcoded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5167",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5166 (GCVE-0-2017-5166)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5166",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5165 (GCVE-0-2017-5165)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter csrf
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter csrf",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter csrf"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5165",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5164 (GCVE-0-2017-5164)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user's browser session (CROSS-SITE SCRIPTING).
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter XSS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user\u0027s browser session (CROSS-SITE SCRIPTING)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user\u0027s browser session (CROSS-SITE SCRIPTING)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5164",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:35.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5162 (GCVE-0-2017-5162)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter Lack of authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter Lack of authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter Lack of authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5162",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:35.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5164 (GCVE-0-2017-5164)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user's browser session (CROSS-SITE SCRIPTING).
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter XSS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user\u0027s browser session (CROSS-SITE SCRIPTING)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary script code in another user\u0027s browser session (CROSS-SITE SCRIPTING)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5164",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:35.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5162 (GCVE-0-2017-5162)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter Lack of authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter Lack of authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter Lack of authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5162",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:35.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5167 (GCVE-0-2017-5167)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter hardcoded passwords
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter hardcoded passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter hardcoded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5167",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5165 (GCVE-0-2017-5165)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter csrf
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter csrf",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter csrf"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5165",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5166 (GCVE-0-2017-5166)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-05 14:55
VLAI
Summary
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device.
Severity
No CVSS data available.
CWE
- BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A | x_refsource_MISC |
| http://www.securityfocus.com/bid/93028 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BINOM3 Electric Power Quality Meter |
Affected:
BINOM3 Electric Power Quality Meter
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:34.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter INFORMATION EXPOSURE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-5166",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2017-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:55:34.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}