34 matches found
EUVD-2016-9971
Malware in sbrugna...
EUVD-2019-5197
Malware in sbrugna...
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
Siemens Desigo PX Devices External Control of Assumed-Immutable Web Parameter (CVE-2019-13927)
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
Multiple Siemens Products Axon Language Query Cross-Site Request Forgery Vulnerability
Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of authentication of anti-CSRF tokens or other source checks in the endpoint of the "Operation" Web...
Multiple Siemens products open to redirection vulnerabilities
Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...
Multiple Siemens Products Operating System Command Injection Vulnerabilities
Siemens Desigo PX is a building automation control system from Siemens Germany. Multiple Siemens products are vulnerable to operating system command injection. The vulnerability stems from the presence of incorrect neutralization of special elements used in O commands with root privileges during...
Cross-site scripting vulnerability in Import Files function of multiple Siemens products
Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site scripting vulnerability exists in several Siemens products. The vulnerability stems from an incorrect neutralization of input during web page generation in the Import Files function of the...
Cross-site Request Forgery Vulnerability in Import Files Function of Multiple Siemens Products
Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of validation of anti-CSRF tokens or other source checks in the Import Files feature of the "Operation" Web...
Information leakage vulnerability of multiple Siemens products
Siemens Desigo PX is a building automation control system from Siemens, a German company. The information disclosure vulnerability in several Siemens products stems from the fact that the endpoint of the "Operation" web application that interprets and executes Axon language queries allows file re...
多款Siemens产品信息泄露漏洞
Siemens Desigo PX is a building automation control system from Siemens, a German company. The information disclosure vulnerability in several Siemens products stems from the fact that the endpoint of the "Operation" web application that interprets and executes Axon language queries allows file re...
多款Siemens产品操作系统命令注入漏洞
Siemens Desigo PX is a building automation control system from Siemens Germany. Multiple Siemens products are vulnerable to operating system command injection. The vulnerability stems from the presence of incorrect neutralization of special elements used in O commands with root privileges during...
多款Siemens产品跨站请求伪造漏洞
Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of authentication of anti-CSRF tokens or other source checks in the endpoint of the "Operation" Web...
多款Siemens产品跨站请求伪造漏洞
Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of validation of anti-CSRF tokens or other source checks in the Import Files feature of the "Operation" Web...
多款Siemens产品跨站脚本漏洞
Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
Design/Logic Flaw
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
CVE-2019-13927
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
CVE-2019-13927
CVE-2019-13927 affects Siemens Desigo PX devices with web interfaces (web server on tcp/80). A specially crafted HTTP message can cause the web server to respond with 404 to subsequent requests, degrading availability; recovery requires a reboot. Affected families include PXC00-E/D, PXC50-E/D, PX...