cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-32515,https://securityvulnerability.io/vulnerability/CVE-2022-32515,Improper Restriction of Excessive Authentication Attempts in Schneider Electric's Conext™ ComBox,"A vulnerability exists within Schneider Electric's Conext™ ComBox that permits excessive authentication attempts, potentially allowing malicious actors to execute brute force attacks. If there is no effective rate limiting mechanism implemented on the admin authentication form, attackers can exploit this vulnerability to take over admin accounts, compromising system security.",Schneider Electric,Conext™ Combox,8.6,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2022-32516,https://securityvulnerability.io/vulnerability/CVE-2022-32516,Cross-Site Request Forgery Vulnerability in Schneider Electric Conext™ ComBox,"A Cross-Site Request Forgery (CSRF) vulnerability has been identified in Schneider Electric's Conext™ ComBox, which may allow attackers to exploit the system by sending unauthorized HTTP requests. This could lead to serious configurations being overridden, potentially resulting in a continuous reboot loop of the system. The flaw affects all versions of the Conext™ ComBox and requires immediate attention to secure the affected systems.",Schneider Electric,Conext™ Combox,7.5,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2022-32517,https://securityvulnerability.io/vulnerability/CVE-2022-32517,Improper UI Layer Restrictions in Conext ComBox by Schneider Electric,"An improper restriction of rendered UI layers or frames vulnerability exists in the Conext ComBox, enabling potential attackers to exploit the system's interface. This flaw may allow malicious actors to manipulate how the application's user interface is presented to users, potentially tricking them into unintended interactions with the application. As the product doesn't enforce necessary restrictions on rendering content from external sources, users may be exposed to a range of security risks that could compromise the integrity and confidentiality of their operations.",Schneider Electric,Conext™ Combox,6.5,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2021-22798,https://securityvulnerability.io/vulnerability/CVE-2021-22798,Insufficiently Protected Credentials in Conext ComBox by Schneider Electric,"The vulnerability identified in Schneider Electric's Conext ComBox allows for sensitive data exposure, including login credentials, due to insufficient protection against network sniffing. Attackers can potentially intercept unprotected credentials, leading to unauthorized access and increased risk to network integrity. It is essential for users to implement security measures to safeguard against this type of exposure and to ensure that their systems are updated to mitigate risks associated with any vulnerabilities.",Schneider Electric,Conext� Combox (all Versions),7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-02-11T17:40:33.000Z,0
CVE-2017-6019,https://securityvulnerability.io/vulnerability/CVE-2017-6019,,"An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.",Schneider Electric,Schneider Electric Conext Combox,7.5,HIGH,0.015490000136196613,false,,false,false,false,,,false,false,,2017-04-07T22:00:00.000Z,0