Siemens Energy Omnivise T3000 version 8.2 SP3 suffers from local privilege escalation, cleartext storage of passwords in configuration and log files, file system access allowing for arbitrary file download, and IP whitelist bypass.
f3ace4f4cb5b84a560a9593357976ec236f7e116327a16dffefa142cb8440217Siemens CP-8000, CP-8021, CP8-022, CP-8031, CP-8050, and SICORE products suffer from buffer overread, privilege escalation, and unsafe storage vulnerabilities.
210325d821a98d66d87a72d0c8a73147b1c6fa89ca3315050b61035edfb74955Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be accessed with physical access to the PCB. After connecting to the interface, access to a shell with various debug functions as well as a login prompt is possible. The hardware is no longer produced nor offered to the market.
440f519186700c01806ac2012a5bbe75033e8be274d7314185fa93b11e2ef29bSiemens A8000 CP-8050 and CP-8031 MASTER MODULE versions 04.92 and below suffer from remote code execution, command injection, hard-coded password, and console login vulnerabilities.
61cdf36c1ecb8a689b5d1609b70af4afbbfe93f06571b226262e46776c6f150bThis Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.
fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381fArris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities.
c86cd78224d0a1dc11fa8725e61327ea16bc608bd258e5251a6ecfda7f8bb033B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.
73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents.
8a27a8ec1a40c485612406d067e803d86d138460771fe55dd5f37c04f5c55870Simmeth System GmbH Supplier Manager (Lieferantenmanager) versions prior to 5.6 suffer from authentication bypass, code execution, cross site scripting, information leakage, remote SQL injection, and various other vulnerabilities.
6eddce047a1f5ab31ff59fc32cdd934d9a0dbd6474090fe26968d79a7d77daf2COVESA versions 2.18.8 and below suffer from heap buffer over-read and null pointer dereference vulnerabilities.
548515ca72e9a559204cae299150309e86e1f034ccca3a9cd876a5da99d81eb2SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.
a3bce9850f8342f5aa74a6bc3820d1c8dfe51fd338fcf68fc68e9703dfacb807Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.
e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3Infiray IRAY-A8Z3 thermal camera version 1.0.957 suffers from hardcoded web credential, authenticated remote code execution, buffer overflow, lack of password for root, and outdated software component vulnerabilities.
9d819d8481e8887a675b01f13926006193f4ee62a19071ae5db1494a8550bcb0dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues.
1688a18cca9d3b422b451318fd542b12535ebb6ef1eb8f23ae56ff707d1b4659Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.
7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dcMultiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.
0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.
3baa93a2d3f1b5ab0f4e0408fec68f1c11444bf8af50dc66f28f63e877786d44Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.
448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5CODESYS Runtime Toolkit 32-bit versions prior to 2.4.7.56 suffer from a denial of service vulnerability.
e2c08ed088508dee09719da1812fdba8c069873d79d63fec42f1375ec7b871d9High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.
e3dfeccfa868c00933c774cf40a1a7c35ae63edfea2f05f80a5a710d97902941NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.
55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.
cf57e1ea5b94b158d4041349a0500d013dd5f4797be8de63faf32cf9759b8347ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.
2ad4c83e851b5a6d905cd41028173a338d0361610fcbc55e00ab71b116573c19
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed