Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Kunbus

Source -

CNA

BOS Name -

KUNBUS GmbH

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2025-41646
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-13.30% / 93.90%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 14:42
Updated-10 Jun, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RevPi Webstatus application is vulnerable to an authentication bypass

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

Action-Not Available
Vendor-KUNBUS GmbH
Product-revpi_statusRevolution Pi webstatus
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-6531
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.1||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-02 Apr, 2019 | 19:15
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM position.

Action-Not Available
Vendor-KUNBUS GmbH
Product-pr100088_modbus_gateway_firmwarepr100088_modbus_gatewayPR100088 Modbus gateway
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings