18 matches found
Rockwell Automation 1715 EtherNet/IP Comms Module
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause the web server to crash, requiring a restart to recover. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...
EUVD-2022-42639
Malicious code in bioql PyPI...
EUVD-2025-17312
Malicious code in bioql PyPI...
CVE-2025-5748
WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerabilit...
CVE-2025-5748 WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability
WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerabilit...
CVE-2025-5748 WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability
WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerabilit...
CVE-2025-5748
CVE-2025-5748 concerns the WOLFBOX Level 2 EV Charger, specifically the Tuya communications module software. The vulnerability arises from the exposure of a method that permits uploading crafted software images to the module, enabling code execution in the device’s context. It is exploitable by n...
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tuy...
PT-2025-24283 · Tuya +1 · Tuya Communications Module +1
Name of the Vulnerable Software and Affected Versions: WOLFBOX Level 2 EV Charger affected versions not specified Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of the WOLFBOX Level 2 EV Charger. Although authentication is...
CVE-2023-26211
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module...
CVE-2023-26211
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module...
CVE-2023-26211
CVE-2023-26211 : Fortinet FortiSOAR versions 7.3.0–7.3.2 are affected by a cross-site scripting vulnerability caused by improper neutralization of input during web page generation in the Communications module. An authenticated, remote attacker can inject arbitrary web script/HTML via this module....
Host Engineering H0-ECOM100 Communications Module 缓冲区错误漏洞
Host Engineering H0-ECOM100 Communications Module is a Host Engineering communications module from Host Engineering, Inc. A security vulnerability exists in the Host Engineering H0-ECOM100 Communications Module. An attacker could exploit the vulnerability to cause a stack-based buffer overflow by...
Rockwell Automation 1756-DH485/A ControlLogix DH-485 Communications Module
Binary data 752955.prm...
CVE-2017-12726
A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. Telnet on the pump uses hardcoded credentials, which can be used if the pump is configured to allow external communications. Smiths Medical assesses that i...
CVE-2017-12722
An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the...
Out-of-bounds
An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the...
CVE-2017-12726
A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. Telnet on the pump uses hardcoded credentials, which can be used if the pump is configured to allow external communications. Smiths Medical assesses that i...