IKS, EDS Security Vulnerabilities

RHEL 7 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...

RHEL 6 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...

RHEL 5 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...

BIT-envoy-2022-29224

Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” (prevent removal)...

Moxa EDS Device Detection Consolidation

Consolidation of Moxa EDS device...

CVE-2024-0387

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...

CVE-2024-0387

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...

Design/Logic Flaw

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...

CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in...

Rocky Linux 8 : evolution (RLSA-2020:4649)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4649 advisory. evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...

CVE-2023-4217

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and...

CVE-2023-5035

A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks,...

Information disclosure

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and...

Design/Logic Flaw

A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks,...

eds-pizza.de Cross Site Scripting vulnerability OBB-3621052

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Moxa EDS-G512E Cross-site Scripting (CVE-2017-13700)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration interface. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Cross-Site Request Forgery (CVE-2019-6561)

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa Industrial Managed Switch Cross-site Scripting (CVE-2015-6466)

Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field. This plugin only works with...

Moxa IKS, EDS Predictable From Observable State (CVE-2019-6563)

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Uncontrolled Resource Consumption (CVE-2019-6559)

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G512E improper cookie management (CVE-2017-13702)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and reused. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Buffer Copy Without Checking Size of Input (CVE-2019-6557)

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa Industrial Managed Switch Uncontrolled Resource Consumption (CVE-2015-6465)

The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G512E Buffer Overflow in sessionID (CVE-2017-13703)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Plaintext Storage of a Password (CVE-2019-6518)

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Improper Access Control (CVE-2019-6520)

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of Hard-Coded Cryptographic Key (CVE-2020-6979)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS Ethernet Switches Uncontrolled Resource Consumption (CVE-2019-19707)

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Weak Password Requirements (CVE-2020-6991)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Stack-Based Buffer Overflow (CVE-2020-7007)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa Industrial Managed Switch Improper Privilege Management (CVE-2015-6464)

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web- developer plugin. This plugin only works with Tenable.ot. Please visit...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Cleartext Transmission of Sensitive Information (CVE-2020-6997)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

Moxa EDS-G512E Inadequate Encryption Strength (CVE-2017-13699)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-7001)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of Hard-Coded Credentials (CVE-2020-6981)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa EDS-G512E improper password storage in backup files (CVE-2017-13701)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method. This plugin only works with...

Moxa EDS-G512E Use of Default Private Keys (CVE-2017-13698)

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded. This plugin only works with Tenable.ot....

Moxa IKS, EDS Out-of-Bounds Read (CVE-2019-6522)

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. This plugin only works with Tenable.ot. Please visit...

Moxa IKS, EDS Improper Restriction of Excessive Authentication Attempts (CVE-2019-6524)

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa IKS, EDS Improper Neutralization of Input During Web Page Generation (CVE-2019-6565)

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

eds-pizza.de Cross Site Scripting vulnerability OBB-3256714

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Defending against AI Lobbyists

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month. And because the letter was responding to an essay we wrote, we're starting...

eds-pizza.de Cross Site Scripting vulnerability OBB-3031628

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2011-2530

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

CVE-2011-2530

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

eds-pizza.de Cross Site Scripting vulnerability OBB-2793261

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Oracle Linux 7 : olcne (ELSA-2022-9587)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9587 advisory. Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy in certain...

Oracle Linux 8 : olcne (ELSA-2022-9588)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9588 advisory. Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy in certain...