IKS, EDS Security Vulnerabilities

kitploit

Pytm - A Pythonic Framework For Threat Modeling

Define your system in Python using the elements and properties described in the pytm framework. Based on your definition, pytm can generate a Data Flow Diagram (DFD), a Sequence Diagram and, most important of all, threats to your system. Requirements: Linux/MacOS, Python 3.x, Graphviz package...

7.8 AI Score

0.009 EPSS

2020-02-10 11:30 AM
96
openbugbounty

hustisford.k12.wi.us Cross Site Scripting vulnerability

Security Researcher Gh05tPT Helped patch 6844 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting hustisford.k12.wi.us website and its users. Following...

AI Score

2020-02-03 11:07 AM
6
openbugbounty

new-zeland-list.com Cross Site Scripting vulnerability

Security Researcher geeknik Helped patch 8562 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting new-zeland-list.com website and its users. Following...

0.2 AI Score

2020-01-29 04:10 PM
6
openbugbounty

komal.hu Cross Site Scripting vulnerability

Security Researcher Dipu1A Helped patch 960 vulnerabilities Received 5 Coordinated Disclosure badges Received 20 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting komal.hu website and its users. Following coordinated and...

0.2 AI Score

2020-01-29 08:34 AM
9
openbugbounty

mx.dabinetwork.com.br Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1077518 Security Researcher MertC Helped patch 9 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting mx.dabinetwork.com.br website and its users. Following coordinated and responsible vulnerability disclosure guidelines of...

0.2 AI Score

2020-01-28 08:01 PM
4
schneier

Artificial Personas and Public Discourse

Presidential campaign season is officially, officially, upon us now, which means it's time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: artificial personas are coming, and they're poised to take over political debate......

6.9 AI Score

2020-01-13 02:21 PM
23
ics

Moxa EDS Ethernet Switches

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G508E, EDS-G512E, and EDS-G516E Series Ethernet Switches Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2019-12-19 12:00 PM
42
symantec

Multiple Moxa Products CVE-2019-19707 Denial of Service Vulnerability

Description Multiple Moxa Products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause resource exhaustion to the affected device, denying service to legitimate users. Technologies Affected Moxa EDS-G508E Series 6 Moxa EDS-G512E Series 6 Moxa...

1.3 AI Score

0.001 EPSS

2019-12-19 12:00 AM
10
openbugbounty

yoshinoyaamerica.com Cross Site Scripting vulnerability

Security Researcher metamorfosec Helped patch 1919 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting yoshinoyaamerica.com website and its users. ...

0.2 AI Score

2019-12-18 01:56 AM
8
nvd

CVE-2019-19707

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2019-12-11 02:15 AM
cve

CVE-2019-19707

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2019-12-11 02:15 AM
70
prion

Denial of service

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2019-12-11 02:15 AM
4
cvelist

CVE-2019-19707

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery...

7.5 AI Score

0.001 EPSS

2019-12-11 01:03 AM
openbugbounty

ellibehdad.com Cross Site Scripting vulnerability

Security Researcher metamorfosec Helped patch 1944 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting ellibehdad.com website and its users. Following...

0.2 AI Score

2019-12-03 03:34 AM
5
openbugbounty

projectfreetv.unblock.ws Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1024599 Security Researcher devl00p Helped patch 3025 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting projectfreetv.unblock.ws.....

0.2 AI Score

2019-11-27 06:51 PM
7
openbugbounty

playit-online.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1016682 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...

0.7 AI Score

2019-11-14 08:00 PM
9
nessus

Rockwellautomation Rslinx Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

6.2 AI Score

0.033 EPSS

2019-11-08 12:00 AM
7
ics

Moxa IKS, EDS (Update A)

EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: IKS, EDS Vulnerabilities: Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication...

9.8 CVSS

10 AI Score

0.008 EPSS

2019-10-24 12:00 PM
103
openbugbounty

cluster-lidic-r.unsl.edu.ar Improper Access Control vulnerability

Security Researcher Rbcafe Helped patch 258 vulnerabilities Received 3 Coordinated Disclosure badges Received 7 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting cluster-lidic-r.unsl.edu.ar website and its users. Following...

0.3 AI Score

2019-10-12 05:48 PM
14
openbugbounty

kv-telematik.de Cross Site Scripting vulnerability

Security Researcher SecuNinja Helped patch 3412 vulnerabilities Received 12 Coordinated Disclosure badges Received 69 recommendations , a holder of 12 badges for responsible and coordinated disclosure, found a security vulnerability affecting kv-telematik.de website and its users. Following...

0.1 AI Score

2019-09-10 05:09 AM
7
nessus

Moxa Switch EDS-205A Detection

Moxa provides a wide range of products for industrial networking, computing, and automation. Moxa solutions are found in many industries including rail, transportation, oil and gas, and process...

2.7 AI Score

2019-07-30 12:00 AM
8
nessus

Moxa Switch EDS-408A Detection

Moxa provides a wide range of products for industrial networking, computing, and automation. Moxa solutions are found in many industries including rail, transportation, oil and gas, and process...

2.7 AI Score

2019-06-27 12:00 AM
9
nessus

Moxa Switch EDS-405A Detection

Moxa provides a wide range of products for industrial networking, computing, and automation. Moxa solutions are found in many industries including rail, transportation, oil and gas, and process...

2.7 AI Score

2019-06-27 12:00 AM
5
nessus

Moxa Switch EDS-510A Detection

Moxa provides a wide range of products for industrial networking, computing, and automation. Moxa solutions are found in many industries including rail, transportation, oil and gas, and process...

2.7 AI Score

2019-06-27 12:00 AM
5
nessus

Rockwell Automation RSLinx Classic < 2.58 DOS

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds...

6.3 AI Score

2019-05-08 12:00 AM
9
malwarebytes

Mozilla urges Apple to make privacy a team sport

We often say cybersecurity is a team sport, but, pending a public advocacy campaign from one major tech developer to another, the same might be true for online privacy. Mozilla is currently getting people around the world to lend their voices toward Apple, asking that the company place some extra.....

0.2 AI Score

2019-05-01 05:39 PM
27
nvd

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2019-04-15 12:31 PM
cve

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

9.8 CVSS

9.3 AI Score

0.002 EPSS

2019-04-15 12:31 PM
22
prion

Default credentials

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

9.8 CVSS

9.3 AI Score

0.002 EPSS

2019-04-15 12:31 PM
4
cvelist

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

9.5 AI Score

0.002 EPSS

2019-04-12 08:11 PM
cve

CVE-2019-6559

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to...

6.5 CVSS

6.1 AI Score

0.001 EPSS

2019-03-05 08:29 PM
32
cve

CVE-2019-6518

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the...

7.5 CVSS

7.2 AI Score

0.001 EPSS

2019-03-05 08:29 PM
27
prion

Code injection

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to...

6.5 CVSS

6.6 AI Score

0.001 EPSS

2019-03-05 08:29 PM
8
prion

Cross site request forgery (csrf)

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the...

8.8 CVSS

9 AI Score

0.001 EPSS

2019-03-05 08:29 PM
9
prion

Default credentials

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the...

9.8 CVSS

9.3 AI Score

0.002 EPSS

2019-03-05 08:29 PM
7
nvd

CVE-2019-6518

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2019-03-05 08:29 PM
nvd

CVE-2019-6520

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration...

7.5 CVSS

8.1 AI Score

0.001 EPSS

2019-03-05 08:29 PM
prion

Design/Logic Flaw

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device...

9.1 CVSS

9.1 AI Score

0.002 EPSS

2019-03-05 08:29 PM
7
nvd

CVE-2019-6563

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the...

9.8 CVSS

9.4 AI Score

0.002 EPSS

2019-03-05 08:29 PM
prion

Authentication flaw

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2019-03-05 08:29 PM
4
nvd

CVE-2019-6524

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force...

9.8 CVSS

9.6 AI Score

0.002 EPSS

2019-03-05 08:29 PM
nvd

CVE-2019-6557

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code...

9.8 CVSS

10 AI Score

0.008 EPSS

2019-03-05 08:29 PM
nvd

CVE-2019-6565

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious...

6.1 CVSS

6.3 AI Score

0.001 EPSS

2019-03-05 08:29 PM
cve

CVE-2019-6565

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious...

6.1 CVSS

5.9 AI Score

0.001 EPSS

2019-03-05 08:29 PM
30
cve

CVE-2019-6563

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the...

9.8 CVSS

9.3 AI Score

0.002 EPSS

2019-03-05 08:29 PM
39
prion

Information disclosure

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2019-03-05 08:29 PM
7
prion

Design/Logic Flaw

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration...

7.5 CVSS

8 AI Score

0.001 EPSS

2019-03-05 08:29 PM
4
nvd

CVE-2019-6522

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device...

9.1 CVSS

9.3 AI Score

0.002 EPSS

2019-03-05 08:29 PM
prion

Buffer overflow

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code...

9.8 CVSS

10 AI Score

0.008 EPSS

2019-03-05 08:29 PM
5
nvd

CVE-2019-6559

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to...

6.5 CVSS

6.7 AI Score

0.001 EPSS

2019-03-05 08:29 PM
Total number of security vulnerabilities: 318