C\-More_ea9\-T10cl_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
C\-More_ea9\-T10cl_firmware
(Automationdirect)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	3

Date	Id	Summary	Products	Score	Patch	Annotated
2022-08-31	CVE-2022-2005	AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73;...	C\-More_ea9\-Pgmsw_firmware, C\-More_ea9\-Rhmi_firmware, C\-More_ea9\-T10cl_firmware, C\-More_ea9\-T10wcl_firmware, C\-More_ea9\-T12cl_firmware, C\-More_ea9\-T15cl\-R_firmware, C\-More_ea9\-T15cl_firmware, C\-More_ea9\-T6cl\-R_firmware, C\-More_ea9\-T6cl_firmware, C\-More_ea9\-T7cl\-R_firmware, C\-More_ea9\-T7cl_firmware, C\-More_ea9\-T8cl_firmware	7.5
2022-08-31	CVE-2022-2006	AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions...	C\-More_ea9\-Pgmsw_firmware, C\-More_ea9\-Rhmi_firmware, C\-More_ea9\-T10cl_firmware, C\-More_ea9\-T10wcl_firmware, C\-More_ea9\-T12cl_firmware, C\-More_ea9\-T15cl\-R_firmware, C\-More_ea9\-T15cl_firmware, C\-More_ea9\-T6cl\-R_firmware, C\-More_ea9\-T6cl_firmware, C\-More_ea9\-T7cl\-R_firmware, C\-More_ea9\-T7cl_firmware, C\-More_ea9\-T8cl_firmware	7.8
2020-02-05	CVE-2020-6969	It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.	C\-More_ea9\-Rhi_firmware, C\-More_ea9\-T10cl_firmware, C\-More_ea9\-T10wcl_firmware, C\-More_ea9\-T12cl_firmware, C\-More_ea9\-T15cl\-R_firmware, C\-More_ea9\-T15cl_firmware, C\-More_ea9\-T6cl\-R_firmware, C\-More_ea9\-T6cl_firmware, C\-More_ea9\-T7cl\-R_firmware, C\-More_ea9\-T7cl_firmware, C\-More_ea9\-T8cl_firmware	N/A