Latest Carel Vulnerabilities

CVE-2023-3643
Boss Mini document file inclusion
Carel Boss Mini Firmware=1.4.0-build_6221
Carel Boss Mini
Carel Boss Mini Firmware=1.4.0-build_6221
Carel Boss Mini
CVE-2020-18329
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interfac...
Carel Pcoweb Card Web=2.2
Carel Pcoweb Card Bios=6.27
Carel Pcoweb Card Boot=5.00
CVE-2022-34827
Carel Boss Mini 1.5.0 has Improper Access Control.
Carel Boss Mini Firmware=1.5.0
Carel Boss Mini
CVE-2022-37122
Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input pa...
Carel Pcoweb Card Firmware>=a2.1.0<=b.2.1.0
Carel Pcoweb Card
Carel Applica=2.154a
Carel Applica=16_13020200
Carel pCOWeb HVAC BACnet Gateway=2.1.0
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These cred...
Carel pCOWeb firmware>=a1.5.3<=b1.2.4
Rittal Chiller SK 3232
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection agai...
Carel pCOWeb firmware>=a1.5.3<=b1.2.4
Rittal Chiller SK 3232
CVE-2019-11370
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field.
Carel Pcoweb Card Firmware<b1.2.4
Carel Pcoweb Card
CVE-2019-11369
An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pw_changeusers.html the device stores cleartext passwords, which may allow sensitive information to be read by someone with access t...
Carel Pcoweb Card Firmware<b1.2.1
Carel Pcoweb Card
CVE-2019-9484
Carel Pcoweb Card Firmware
Carel Pcoweb Card

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203