This page lists publicly disclosed CVE vulnerabilities affecting sick apu0200_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-5103 | Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe. | [email protected] | 4.3 | 0.45% | 2023-10-09 | 2026-06-17 |
| CVE-2023-5102 | Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests. | [email protected] | 5.3 | 0.57% | 2023-10-09 | 2026-06-17 |
| CVE-2023-5101 | Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. | [email protected] | 5.3 | 0.57% | 2023-10-09 | 2026-06-17 |
| CVE-2023-5100 | Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted. | [email protected] | 5.9 | 0.35% | 2023-10-09 | 2026-06-17 |
| CVE-2023-43698 | Improper Neutralization of Input During Web Page Generation (’Cross-site Scripting’) in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the clients browser via injecting code into the website. | [email protected] | 7.1 | 0.48% | 2023-10-09 | 2026-06-17 |
| CVE-2023-43697 | Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests. | [email protected] | 6.5 | 0.65% | 2023-10-09 | 2026-06-17 |
| CVE-2023-43700 | Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication. | [email protected] | 7.7 | 0.63% | 2023-10-09 | 2026-06-17 |
| CVE-2023-43699 | Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited. | [email protected] | 7.5 | 0.72% | 2023-10-09 | 2026-06-17 |
| CVE-2023-43696 | Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server. | [email protected] | 8.2 | 0.65% | 2023-10-09 | 2026-06-17 |