Lucene search
PRIOn knowledge basePRION:CVE-2015-4051HistoryJun 08, 2015 - 2:59 p.m.
Design/Logic Flaw
2015-06-0814:59:00
PRIOn knowledge base
www.prio-n.com
4
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ipc_diagnostics | le | 1.7 |
References
ftp.beckhoff.com/download/document/IndustPC/Advisory-2015-001.pdf
packetstormsecurity.com/files/132168/Beckhoff-IPC-Diagnositcs-Authentication-Bypass.html
packetstormsecurity.com/files/134071/Beckoff-CX9020-CPU-Model-Remote-Code-Execution.html
seclists.org/fulldisclosure/2015/Jun/10
www.securityfocus.com/bid/75042
www.thesecurityfactory.be/permalink/beckhoff-authentication-bypass.html
Related
exploitdb
exploitdb
Beckhoff CX9020 CPU Module - Remote Code Execution
2015-10-22 00:00:00
exploitpack
exploitpack
Beckhoff CX9020 CPU Module - Remote Code Execution
2015-10-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Beckhoff IPC Diagnostics Denial Of Service (CVE-2015-4051)
2021-05-10 00:00:00
nvd
nvd
CVE-2015-4051
2015-06-08 14:59:12
cve
cve
CVE-2015-4051
2015-06-08 14:59:12
nessus
nessus
Beckhoff Ipc Improper Access Control
2020-05-27 00:00:00
Beckhoff (CVE-2015-4051) (deprecated)
2022-02-07 00:00:00
packetstorm
packetstorm
Beckhoff IPC Diagnositcs Authentication Bypass
2015-06-05 00:00:00
Beckoff CX9020 CPU Model Remote Code Execution
2015-10-23 00:00:00
cvelist
cvelist
CVE-2015-4051
2015-06-08 14:00:00