Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Datamodule Compactplus Security Vulnerabilities

cve
cve

CVE-2020-16238

A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.

6.7CVSS

6.6AI Score

0.0004EPSS

2022-04-14 09:15 PM
29
cve
cve

CVE-2020-25150

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file an attacker can execute arbitra...

8.8CVSS

8.7AI Score

0.001EPSS

2022-04-14 09:15 PM
32
cve
cve

CVE-2020-25152

A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges.

8.1CVSS

8.1AI Score

0.002EPSS

2022-04-14 09:15 PM
25
cve
cve

CVE-2020-25154

An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites.

6.1CVSS

6.2AI Score

0.001EPSS

2022-04-14 09:15 PM
28
cve
cve

CVE-2020-25156

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root.

7.2CVSS

7AI Score

0.001EPSS

2022-04-14 09:15 PM
29
cve
cve

CVE-2020-25158

A reflected cross-site scripting (XSS) vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations.

7.6CVSS

5.9AI Score

0.001EPSS

2022-04-14 09:15 PM
31
cve
cve

CVE-2020-25160

Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration.

6.8CVSS

6.3AI Score

0.0004EPSS

2022-04-14 09:15 PM
27
2
cve
cve

CVE-2020-25162

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges.

7.5CVSS

7.6AI Score

0.001EPSS

2022-04-14 09:15 PM
35
cve
cve

CVE-2020-25164

A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to recover user credentials of the administrative interface.

7.5CVSS

7.4AI Score

0.002EPSS

2022-04-14 09:15 PM
30
cve
cve

CVE-2020-25166

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper w...

7.6CVSS

6.9AI Score

0.001EPSS

2022-04-14 09:15 PM
28
cve
cve

CVE-2020-25168

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module.

3.3CVSS

4.1AI Score

0.0004EPSS

2022-04-14 09:15 PM
28