3 matches found
CVE-2023-28766
A vulnerability has been identified in SIPROTEC 5 6MD85 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V9.40, SIP...
CVE-2023-28766
A vulnerability has been identified in SIPROTEC 5 6MD85 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V9.40, SIP...
CVE-2023-28766
CVE-2023-28766 is a NULL pointer dereference (CWE-476) affecting Siemens SIPROTEC 5 devices (broad list across CP300, CP100/CP150 variants) due to incomplete validation of HTTP request parameters in the hosted web service. An unauthenticated remote attacker can send crafted HTTP requests to trigg...