Sick Tdc-x401gl_firmware

13 CVEs affecting Sick Tdc-x401gl_firmware. Latest disclosed: 2026-01-15. Critical: 2, High: 2.

Top CVEs affecting Sick Tdc-x401gl_firmware
CVESeverityScorePublishedSummary
CVE-2026-22907Critical9.92026-01-15An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.
CVE-2026-22908Critical9.12026-01-15Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.
CVE-2026-22910High7.52026-01-15The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represen…
CVE-2026-22909High7.52026-01-15Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupt…
CVE-2026-22911Medium5.32026-01-15Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access t…
CVE-2026-22918Medium4.32026-01-15An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, lea…
CVE-2026-22917Medium4.32026-01-15Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
CVE-2026-22916Medium4.32026-01-15An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leadi…
CVE-2026-22915Medium4.32026-01-15An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information.
CVE-2026-22914Medium4.32026-01-15An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation.
CVE-2026-22913Medium4.32026-01-15Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login. This can lead to the extraction of sensitive data.
CVE-2026-22912Medium4.32026-01-15Improper validation of a login parameter may allow attackers to redirect users to malicious websites after authentication. This can lead to various risk includ…
CVE-2026-22919Low3.82026-01-15An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to th…