浏览 18+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2019-25234 | Carlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Request Forgery and XSS | Carlo Gavazzi AB | SmartHouse Webapp | Medium | 5.3 | 2025-12-24 19:27:55 | Deep Dive |
| CVE-2017-20184 | Carlo Gavazzi Powersoft prone to Path Traversal | Carlo Gavazzi | Powersoft | High | 7.5 | 2023-05-04 09:17:54 | Deep Dive |
| CVE-2022-28816 | Reflected XSS in Carlo Gavazzi UWP 3.0 | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Medium | 6.1 | 2022-09-28 13:45:37 | Deep Dive |
| CVE-2022-28815 | SQL-Injection in Carlo Gavazzi UWP 3.0 Sentilo Proxy | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Low | 2.7 | 2022-09-28 13:45:36 | Deep Dive |
| CVE-2022-28814 | Path traversal in Carlo Gavazzi UWP 3.0 could lead to full device access | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:35 | Deep Dive |
| CVE-2022-28812 | Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server. | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:33 | Deep Dive |
| CVE-2022-28811 | Possible command injection in Car Park Server in Carlo Gavazzi UWP3.0 | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:32 | Deep Dive |
| CVE-2022-22526 | Missing authentication for API in Carlo Gavazzi UWP 3.0 Car Park Server | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:31 | Deep Dive |
| CVE-2022-22524 | SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.4 | 2022-09-28 13:45:30 | Deep Dive |
| CVE-2022-22525 | Command injection in restore function of Carlo Gavazzi UWP3.0 allows for command injection | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.2 | 2022-09-28 13:45:30 | Deep Dive |
| CVE-2022-22523 | Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.5 | 2022-09-28 13:45:29 | Deep Dive |
| CVE-2022-22522 | Hard-coded credentials in Carlo Gavazzi UWP3.0 allows for authentication bypass and full control of the device | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | Critical | 9.8 | 2022-09-28 13:45:28 | Deep Dive |
| CVE-2022-28813 | SQL-injection in Car Park Server 3.0 allows for full database access. | Carlo Gavazzi | UWP 3.0 Monitoring Gateway and Controller | High | 7.5 | 2022-09-28 00:00:00 | Deep Dive |
| CVE-2017-5146 | Carlo Gavazzi Automation VMU-C EM和VMU-C PV 信息泄露漏洞 | - | Carlo Gavazzi VMU-C EM and VMU-C PV | 高危 | - | 2017-02-13 21:00:00 | Deep Dive |
| CVE-2017-5145 | Carlo Gavazzi Automation VMU-C EM和VMU-C PV 跨站请求伪造漏洞 | - | Carlo Gavazzi VMU-C EM and VMU-C PV | 超危 | - | 2017-02-13 21:00:00 | Deep Dive |
| CVE-2017-5144 | Carlo Gavazzi Automation VMU-C EM和VMU-C PV 安全漏洞 | - | Carlo Gavazzi VMU-C EM and VMU-C PV | 超危 | - | 2017-02-13 21:00:00 | Deep Dive |
| CVE-2012-6427 | Carlo Gavazzi EOS Box SQL Injection | Carlo Gavazzi Automation | EOS-Box | 高危 | - | 2012-12-23 21:00:00 | Deep Dive |
| CVE-2012-6428 | Carlo Gavazzi EOS Box Hard-Coded Credentials | Carlo Gavazzi Automation | EOS-Box | 高危 | - | 2012-12-23 21:00:00 | Deep Dive |