Hitachi Energy TXpert Hub Coretec 4 Firmware 2.1.1
Approved changes feed: RSS · Atom
cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.1:*:*:*:*:*:*:*
part: o version: 2.1.1 update: *
| Vendor | Hitachienergy (2cd248c7-aee9-59a5-80aa-6fb18cc538ff) |
|---|---|
| Product | Txpert Hub Coretec 4 Firmware (10f3706b-2666-510c-a3e7-8c2f386f229f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-35532 |
vulnerable | 2026-06-03 14:44:56.610448 |
Firmware upload verification bypass in TXpert Hub CoreTec 4
A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious firmware to the product. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.
Published: 2022-06-07T20:04:14.525Z
Updated: 2024-09-16T22:30:08.831Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-35531 |
vulnerable | 2026-06-03 14:44:56.609918 |
Remote Code Execution in TXpert Hub CoreTec 4
Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.
Published: 2022-06-07T20:07:37.055Z
Updated: 2024-09-16T16:12:33.151Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-35530 |
vulnerable | 2026-06-03 14:44:56.606958 |
User authentication bypass in TXpert Hub CoreTec 4
MEDIUM (6)
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an existing user password, and further gain authorized access into the system via login mechanism. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0 2.1.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.
Published: 2022-06-07T20:17:07.848Z
Updated: 2024-09-16T23:26:19.387Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.