Fujitsu Limited Real-time Video Transmission Gear "IP series" contains a use of hard-coded credentials vulnerability that can result in an attacker logging into the web interface using the obtained credentials.

Sources: CISA, Fujitsu Limited

Softneta MedDream PACS contains exposed dangerous method or function and plaintext storage of a password vulnerabilities that can allow an attacker to obtain and leak plaintext credentials or remotely execute arbitrary code.

Sources: CISA, Softneta

Apache Rocket MQ contains a command execution vulnerability that can result in remote execution.

Sources: CISA, NIST

Dover Fueling Solutions MAGLINK LX Console contains authentication bypass using an alternate path or channel, improper access control and path traversal vulnerabilities that can allow an attacker to gain full access to the system.

Sources: CISA, Dover

Phoenix Contact TC ROUTER and TC CLOUD CLIENT contain cross-site scripting and XML entity expansion vulnerabilities that can execute code in the context of the user's browser or cause a denial of service.

Sources: CISA, Phoenix Contact

Socomec MOD3GP-SY-120K contains cross-site scripting, cross-site request forgery, insecure storage of sensitive information and more vulnerabilities that can allow an attacker to execute malicious Javascript code, obtain sensitive information or steal session cookies.

Sources: CISA, Socomec

Delta Electronics CNCSoft-B DOPSoft (Update) contains stack-based buffer overflow and heap-based buffer overflow vulnerabilities that can allow an attacker to exploit a buffer overflow condition and remotely execute arbitrary code.

Sources: CISA, Delta Electronics