GCVE - cpe:2.3:a:janitza:umg_96rm-e_230v(5222062):*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:janitza:umg_96rm-e_230v(5222062):*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Janitza (`6805cb23-b84f-50af-bb88-2f0896ee4475`)
Product	Umg 96Rm E 230V(5222062) (`ba13075d-fe09-55ba-a4de-020c14423069`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-41712`	vulnerable	2026-06-08 07:25:07.799291	Incorrect Permission Assignment on power analyzer MEDIUM (6.5) An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get access to sensitive information on the device. This is a result of incorrect permission assignment for the web server. Published: 2026-03-10T08:27:10.120Z Updated: 2026-03-10T16:51:35.020Z Open on db.gcve.eu Reference links https://certvde.com/en/advisories/VDE-2025-079/ https://certvde.com/en/advisories/VDE-2025-096/ https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-41711`	vulnerable	2026-06-08 07:25:07.798912	Use of a Broken or Risky Cryptographic Algorithm for firmware images of power analyzer MEDIUM (5.3) An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access. Published: 2026-03-10T08:26:48.759Z Updated: 2026-03-10T16:51:40.984Z Open on db.gcve.eu Reference links https://certvde.com/en/advisories/VDE-2025-079/ https://certvde.com/en/advisories/VDE-2025-096/ https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-41710`	vulnerable	2026-06-08 07:25:07.798541	Use of Hard-coded Credentials in power analyzer MEDIUM (6.5) An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges. Published: 2026-03-10T08:26:30.909Z Updated: 2026-03-10T16:51:47.193Z Open on db.gcve.eu Reference links https://certvde.com/en/advisories/VDE-2025-079/ https://certvde.com/en/advisories/VDE-2025-096/ https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-41709`	vulnerable	2026-06-08 07:25:07.796804	Command injection in power analyzer via Modbus-TCP and Modbus-RTU CRITICAL (9.8) An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device. Published: 2026-03-10T08:26:14.936Z Updated: 2026-03-18T08:16:28.698Z Open on db.gcve.eu Reference links https://certvde.com/en/advisories/VDE-2025-079/ https://certvde.com/en/advisories/VDE-2025-096/ https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.