Microchip Timeprovider_4100_firmware
11 CVEs affecting Microchip Timeprovider_4100_firmware. Latest disclosed: 2026-02-24. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43685 | Critical | 9.8 | 2024-10-04 | Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 be… |
CVE-2025-47902 | High | 8.8 | 2025-10-20 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Provider 4100 allows SQL Injection.This is… |
CVE-2025-47901 | High | 8.8 | 2025-10-20 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Inje… |
CVE-2025-47900 | High | 8.8 | 2025-10-20 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Inje… |
CVE-2024-9054 | High | 8.8 | 2024-10-04 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerab… |
CVE-2024-43684 | High | 8.8 | 2024-10-04 | Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects… |
CVE-2024-7801 | Medium | 6.5 | 2024-10-04 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQ… |
CVE-2024-43687 | Medium | 6.1 | 2024-10-04 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules… |
CVE-2024-43686 | Medium | 6.1 | 2024-10-04 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) al… |
CVE-2024-43683 | Medium | 6.1 | 2024-10-04 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvide… |
CVE-2025-47904 | Medium | 4.1 | 2026-02-24 | Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider… |