CVE Tools

janitza

ICS / OT / IoTcommercial

7

Cumulative CVEs

1

Monthly snapshots

#22

Peak rank

Top products

umg 5087 umg 5097 umg 5117

Latest CVEs

The 14 most recently published vulnerabilities affecting janitza.

CVE-2025-41712Incorrect Permission Assignment on power analyzer6.5Mar 10, 2026
CVE-2025-41711Use of a Broken or Risky Cryptographic Algorithm for firmware images of power analyzer5.3Mar 10, 2026
CVE-2025-41710Use of Hard-coded Credentials in power analyzer6.5Mar 10, 2026
CVE-2025-41709Command injection in power analyzer via Modbus-TCP and Modbus-RTU9.8Mar 10, 2026
CVE-2025-41729DoS via Modbus Read Command7.5Nov 24, 2025
CVE-2023-50894In Janitza GridVis through 9.0.66, use of hard-coded credentials in the de.janitza.pasw.feature.impl.activators.PasswordEncryption password encryption function allows remote authenticated administr...8.8Mar 26, 2024
CVE-2023-50895In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users t...7.2Mar 26, 2024
CVE-2015-3970Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to inject arbitrary web script or HTML via unspeci...4.3Oct 28, 2015
CVE-2015-3968The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21.7.5Oct 28, 2015
CVE-2015-3973Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token...5.0Oct 28, 2015
CVE-2015-3969Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235.5.0Oct 28, 2015
CVE-2015-3971The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via...7.5Oct 28, 2015
CVE-2015-3972The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force...10.0Oct 28, 2015
CVE-2015-3967Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, 509, 511, 604, and 605 devices allows remote attackers to hijack the authentication of arbitrary users.6.8Oct 28, 2015