Raffaele Bova

#6456of 53,632
42.1Total CVSS
Vulnerabilities · 5
Medium
1
High
3
Critical
1
PT-2026-28307
9.8
2026-03-28
Microchip · Microchip Timeprovider 4100 · CVE-2025-9497
**Name of the Vulnerable Software and Affected Versions** Microchip Time Provider 4100 versions prior to 2.5.0 **Description** A use of hard-coded credentials issue exists in Microchip Time Provider 4100, potentially allowing for malicious manual software updates. **Recommendations** Update Microchip Time Provider 4100 to version 2.5.0 or later.
PT-2025-42791
8.9
2025-10-20
Microchip · Microchip Timeprovider 4100 · CVE-2025-47900
**Name of the Vulnerable Software and Affected Versions** Microchip Time Provider 4100 versions prior to 2.5 **Description** An improper neutralization of special elements used in an OS command vulnerability exists in Microchip Time Provider 4100, allowing for OS command injection. This issue relates to remote code execution through the backup configuration password. **Recommendations** Update to a version newer than 2.5.
PT-2025-42796
8.9
2025-10-20
Microchip · Microchip Timeprovider 4100 · CVE-2025-47901
**Name of the Vulnerable Software and Affected Versions** Microchip Time Provider 4100 versions prior to 2.5 **Description** An improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Microchip Time Provider 4100. This allows for OS Command Injection. The issue relates to restoring the configuration password. **Recommendations** Update Microchip Time Provider 4100 to version 2.5 or later.
PT-2025-42797
8.8
2025-10-20
Microchip · Microchip Timeprovider 4100 · CVE-2025-47902
**Name of the Vulnerable Software and Affected Versions** Microchip Time Provider 4100 versions prior to 2.5 **Description** An improper neutralization of special elements used in an SQL command ('SQL Injection') issue exists in Microchip Time Provider 4100. This allows for SQL Injection. The vulnerability is present in the web resource. The `SQL` command is not properly sanitized, potentially allowing an attacker to inject malicious code. **Recommendations** Update Microchip Time Provider 4100 to version 2.5 or later.
PT-2025-30400
5.7
2025-07-22
Microchip · Timeprovider 4100 · CVE-2025-47904
**Name of the Vulnerable Software and Affected Versions** Microchip Time Provider 4100 versions prior to 2.5 **Description** A flaw exists in Microchip Time Provider 4100 that permits malicious manual software updates due to a missing integrity check during code download. **Recommendations** Update to version 2.5 or later.