Known Vulnerabilities for Tbox Lt2 Firmware by Ovarro
Listed below are 6 of the newest known vulnerabilities associated with "Tbox Lt2 Firmware" by "Ovarro".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-36611 json | The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an... | 6.5 - MEDIUM | 2023-07-03 | 2023-07-07 |
| CVE-2023-36610 json | The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the... | 5.9 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2023-36609 json | The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could se... | 7.2 - HIGH | 2023-07-03 | 2023-07-10 |
| CVE-2023-36608 json | The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm. | 6.5 - MEDIUM | 2023-07-03 | 2023-07-10 |
| CVE-2023-36607 json | The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reve... | 5.3 - MEDIUM | 2023-06-29 | 2023-07-07 |
| CVE-2023-3395 json | All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access... | 6.5 - MEDIUM | 2023-07-03 | 2023-11-07 |