threat
engine
.sh
Back
·
··:··
Home
/
Product
/
sick tdc x401gl firmware
Product
sick tdc x401gl firmware
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-22919
< 1.5.0
An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting
3.8
LOW
CVE-2026-22918
all versions
An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through malic
4.3
MEDIUM
CVE-2026-22917
< 1.5.0
Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
4.3
MEDIUM
CVE-2026-22916
all versions
An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper re
4.3
MEDIUM
CVE-2026-22915
all versions
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive
4.3
MEDIUM
CVE-2026-22914
all versions
An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to
4.3
MEDIUM
CVE-2026-22913
< 1.5.0
Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login. This can lead to the ext
4.3
MEDIUM
CVE-2026-22912
< 1.5.0
Improper validation of a login parameter may allow attackers to redirect users to malicious websites after authentication. This ca
4.3
MEDIUM
CVE-2026-22911
all versions
Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials a
5.3
MEDIUM
CVE-2026-22910
all versions
The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unaut
7.5
HIGH
CVE-2026-22909
all versions
Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed appl
7.5
HIGH
CVE-2026-22908
< 1.4.0
Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its
9.1
CRITICAL
CVE-2026-22907
< 1.4.0
An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.
9.9
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin