CVE-2019-6533
CRITICALPR100088 Modbus Gateway Firmware < r02 - Unauthenticated Register Read/Write via Web Interface
Title source: llmDescription
Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05
Scores
CVSS v3
9.1
EPSS
0.0123
EPSS Percentile
65.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-306
Status
published
Products (1)
kunbus/pr100088_modbus_gateway_firmware
< r02
Published
Feb 12, 2019
Tracked Since
Feb 18, 2026