CyberSec.Space Logo
Back to CVE Browser

CVE-2014-5396

HIGH
7.5
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile14.31th
PublishedAug 22, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Affected Platforms (CPE)

πŸ’»
Schrack

Technik Microcontrol Firmware

<= 1.7.0
πŸ”Œ
Schrack

Technik Microcontrol

All versions

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2014/Jul/40
πŸ”— https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt
πŸ”— http://seclists.org/fulldisclosure/2014/Jul/40
πŸ”— https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt

Related Vulnerabilities

CVE-2014-832910.0

Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient ac...

CVE-2014-53824.3

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937)...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...