Filtered by vendor Pyres Subscriptions
Filtered by product Termod4 Firmware Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-23162 1 Pyres 2 Termod4, Termod4 Firmware 2024-11-21 7.5 High
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.
CVE-2020-23161 1 Pyres 2 Termod4, Termod4 Firmware 2024-11-21 6.5 Medium
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL.
CVE-2020-23160 1 Pyres 2 Termod4, Termod4 Firmware 2024-11-21 8.8 High
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices.