Controller Security Vulnerabilities


CVE-2023-34391

Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue...

7.4CVSS

5.6AI Score

0.0004EPSS

2023-08-31 04:15 PM
11

CVE-2023-23772

Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a...

8.8CVSS

8.7AI Score

0.001EPSS

2023-08-29 09:15 AM
22

CVE-2023-23774

Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract....

8.4CVSS

8.4AI Score

0.001EPSS

2023-08-29 09:15 AM
19

CVE-2023-23770

Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or...

9.8CVSS

9.4AI Score

0.001EPSS

2023-08-29 09:15 AM
27

CVE-2023-20230

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different...

5.4CVSS

5.5AI Score

0.001EPSS

2023-08-23 07:15 PM
2423

CVE-2023-4333

Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by...

5.5CVSS

5.6AI Score

0.0004EPSS

2023-08-15 07:15 PM
12

CVE-2023-4335

Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on...

7.5CVSS

7.7AI Score

0.001EPSS

2023-08-15 07:15 PM
25

CVE-2023-4339

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file...

7.5CVSS

7.5AI Score

0.001EPSS

2023-08-15 07:15 PM
14

CVE-2023-4340

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log...

9.8CVSS

9.5AI Score

0.001EPSS

2023-08-15 07:15 PM
11

CVE-2023-4327

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on...

5.5CVSS

5.4AI Score

0.0004EPSS

2023-08-15 07:15 PM
15

CVE-2023-4336

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
18

CVE-2023-4328

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on...

5.5CVSS

5.5AI Score

0.0004EPSS

2023-08-15 07:15 PM
14

CVE-2023-4329

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
11

CVE-2023-4343

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search...

7.5CVSS

7.4AI Score

0.001EPSS

2023-08-15 07:15 PM
11

CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
12

CVE-2023-4331

Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS...

7.5CVSS

7.5AI Score

0.001EPSS

2023-08-15 07:15 PM
12

CVE-2023-4338

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
15

CVE-2023-4342

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security ...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
12

CVE-2023-4332

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log...

7.5CVSS

7.5AI Score

0.001EPSS

2023-08-15 07:15 PM
8

CVE-2023-4334

Broadcom RAID Controller Web server (nginx) is serving private files without any...

7.5CVSS

7.7AI Score

0.001EPSS

2023-08-15 07:15 PM
17

CVE-2023-4337

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
13

CVE-2023-4341

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web...

9.8CVSS

9.5AI Score

0.001EPSS

2023-08-15 07:15 PM
15

CVE-2023-4325

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known...

9.8CVSS

9.5AI Score

0.001EPSS

2023-08-15 07:15 PM
16

CVE-2023-4326

Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete SHA1-based...

7.5CVSS

7.5AI Score

0.001EPSS

2023-08-15 07:15 PM
17

CVE-2023-4323

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
15

CVE-2023-4324

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy ...

9.8CVSS

9.3AI Score

0.001EPSS

2023-08-15 07:15 PM
15

CVE-2023-4345

Broadcom RAID Controller web interface is vulnerable: a client-side control bypass leads to unauthorized data access for low privileged...

6.5CVSS

6.4AI Score

0.0005EPSS

2023-08-15 06:15 PM
10

CVE-2023-39293

A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the...

9.8CVSS

9.8AI Score

0.001EPSS

2023-08-14 07:15 PM
18

CVE-2023-39292

A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management...

9.8CVSS

9.6AI Score

0.001EPSS

2023-08-14 07:15 PM
17

CVE-2023-25775

Improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network...

9.8CVSS

9.7AI Score

0.001EPSS

2023-08-11 03:15 AM
75

CVE-2023-22276

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local...

6.5CVSS

4.6AI Score

0.0004EPSS

2023-08-11 03:15 AM
19

CVE-2023-38138

A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not...

7.5CVSS

5.9AI Score

0.0005EPSS

2023-08-02 04:15 PM
45

CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

6.1CVSS

6.2AI Score

0.001EPSS

2023-08-02 04:15 PM
21

CVE-2023-38423

A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not...

5.4CVSS

5.3AI Score

0.0004EPSS

2023-08-02 04:15 PM
24

CVE-2023-38419

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not...

4.3CVSS

4.8AI Score

0.0004EPSS

2023-08-02 04:15 PM
2419

CVE-2023-21406

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP...

8.8CVSS

9.1AI Score

0.001EPSS

2023-07-25 08:15 AM
16

CVE-2023-21405

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors.....

6.5CVSS

6.4AI Score

0.001EPSS

2023-07-25 08:15 AM
24

CVE-2023-3467

Privilege Escalation to root administrator...

8CVSS

8.7AI Score

0.0004EPSS

2023-07-19 07:15 PM
86

CVE-2023-3466

Reflected Cross-Site Scripting...

8.3CVSS

7.2AI Score

0.001EPSS

2023-07-19 07:15 PM
72

CVE-2023-3519

Unauthenticated remote code...

9.8CVSS

9.7AI Score

0.965EPSS

2023-07-19 06:15 PM
946
In Wild

CVE-2023-34236

Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This...

8.5CVSS

6.5AI Score

0.001EPSS

2023-07-14 10:15 PM
25

CVE-2023-24489

A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones...

9.8CVSS

9.3AI Score

0.974EPSS

2023-07-10 10:15 PM
266
In Wild

CVE-2023-24487

Arbitrary file read in Citrix ADC and Citrix...

7.5CVSS

7.5AI Score

0.001EPSS

2023-07-10 09:15 PM
2031

CVE-2023-24488

Cross-site scripting vulnerability in Citrix ADC and Citrix Gateway allows an attacker to perform cross site...

6.1CVSS

6.1AI Score

0.055EPSS

2023-07-10 09:15 PM
711

CVE-2023-2993

A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to...

6.3CVSS

6.4AI Score

0.0004EPSS

2023-06-26 08:15 PM
10

CVE-2023-2992

An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web...

7.5CVSS

7.5AI Score

0.0005EPSS

2023-06-26 08:15 PM
7

CVE-2023-2729

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified...

7.5CVSS

7.4AI Score

0.001EPSS

2023-06-13 08:15 AM
70

CVE-2023-0142

Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified...

8.1CVSS

7.5AI Score

0.001EPSS

2023-06-13 07:15 AM
21

CVE-2023-3141

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information...

7.1CVSS

6.8AI Score

0.0004EPSS

2023-06-09 08:15 PM
89

CVE-2023-24584

Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. This issue affects Controller 6000: before vCR8.80.230201a, before vCR8.70.230201a, before vCR8.60.230201b, before vCR8.50.230201a, all versions of vCR8.40 and...

9.8CVSS

9.7AI Score

0.002EPSS

2023-06-01 05:15 AM
15
Total number of security vulnerabilities: 2020