CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-5396

HIGH
7.5
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile14.31th
Published2014年8月22日
Last Modified2026年5月6日

Vulnerability Description

The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Affected Platforms (CPE)

💻
Schrack

Technik Microcontrol Firmware

<= 1.7.0
🔌
Schrack

Technik Microcontrol

All versions

References & Advisories

🔗 http://seclists.org/fulldisclosure/2014/Jul/40
🔗 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt
🔗 http://seclists.org/fulldisclosure/2014/Jul/40
🔗 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt

相关漏洞威胁

CVE-2014-832910.0

Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient ac...

CVE-2014-53824.3

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937)...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...