Janitza Umg 96rm-e 24v(5222063)
4 CVEs affecting Janitza Umg 96rm-e 24v(5222063). Latest disclosed: 2026-03-10. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-41709 | Critical | 9.8 | 2026-03-10 | An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device. |
CVE-2025-41712 | Medium | 6.5 | 2026-03-10 | An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get access to sensitive information on the device. This is a result… |
CVE-2025-41710 | Medium | 6.5 | 2026-03-10 | An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges. |
CVE-2025-41711 | Medium | 5.3 | 2026-03-10 | An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access. |