Sauter Controls Sauter Controls

  1. Vendors
  2. Sauter Controls

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Sauter Controls product.

RSS Feeds for Sauter Controls security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Sauter Controls products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Sauter Controls Sorted by Most Security Vulnerabilities since 2018

Sauter Controls Ey As525f001 Firmware5 vulnerabilities

Sauter Controls Bacnetstac1 vulnerability

Sauter Controls Case Suite1 vulnerability

Sauter Controls Moduweb Firmware1 vulnerability

Sauter Controls Moduweb Vision1 vulnerability

Sauter Controls Novaweb Web Hmi1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Sauter Controls. Sauter Controls did not have any published security vulnerabilities last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 0 0.00
2024 0 0.00
2023 6 6.35
2022 1 9.60
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 7.50

It may take a day or so for new Sauter Controls vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Sauter Controls Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2023-28655 Mar 27, 2023
Privilege Escalation via CVE-2023-28655 in Unknown Product A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users.
Ey As525f001 Firmware
CVE-2023-28652 Mar 27, 2023
Authenticated Image Upload DoS via Malicious Image An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition.
Ey As525f001 Firmware
CVE-2023-28650 Mar 27, 2023
CVE-2023-28650: Remote JS Execution via Malicious Link (XSS) An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the targets security context.
Ey As525f001 Firmware
CVE-2023-27927 Mar 27, 2023
cPanel SMTP Password Leak Cleartext Credential Disclosure An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.
Ey As525f001 Firmware
CVE-2023-22300 Mar 27, 2023
Unauthenticated Exploit via Log Viewing Grants Privilege Escalation in Kibana An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. This action would also grant the attacker privilege escalation.
Ey As525f001 Firmware
CVE-2023-0053 Mar 02, 2023
Cleartext FTP/TEL Credentials in SAUTER Controls Nova 200220 firmware 3.3-006 SAUTER Controls Nova 200220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.
Bacnetstac
CVE-2022-40190 Oct 31, 2022
SAUTER Controls moduWeb Reflective XSS in 2.7.1 Web App (CVE-2022-40190) SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users browsers and steal sensitive information, including user credentials.
Moduweb Firmware
CVE-2018-17912 Nov 02, 2018
An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.
Case Suite
CVE-2016-10224 Feb 13, 2017
An issue was discovered in Sauter NovaWeb web HMI An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user.
Novaweb Web Hmi
CVE-2015-7916 Feb 06, 2016
Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.
Moduweb Vision
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.