77 matches found
CVE-2026-25819
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service by using a specially crafted HTTP request that leads to a reboot of the device, provided they hav...
CVE-2026-25818
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have weak entropy for authentication cookies, allowing an attacker with a stolen session cookie to find the user password by brute-forcing an encryption...
CVE-2026-25823
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...
EUVD-2026-11713
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service by using a specially crafted HTTP request that leads to a reboot of the device, provided they hav...
EUVD-2026-11711
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have weak entropy for authentication cookies, allowing an attacker with a stolen session cookie to find the user password by brute-forcing an encryption...
EUVD-2026-11709
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have improper neutralization of special elements used in an OS command allowing remote code execution by attackers with low privilege access on the gateway,...
EUVD-2026-11715
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...
CVE-2026-25818
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have weak entropy for authentication cookies, allowing an attacker with a stolen session cookie to find the user password by brute-forcing an encryption...
CVE-2026-25823
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...
CVE-2026-25819
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service by using a specially crafted HTTP request that leads to a reboot of the device, provided they hav...
CVE-2026-25817
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have improper neutralization of special elements used in an OS command allowing remote code execution by attackers with low privilege access on the gateway,...
HMS Cosy+和HMS Ewon Flexy 安全漏洞
HMS Cosy+ and HMS Ewon Flexy are both products from the Swedish company HMS. HMS Cosy+ is an application for industrial remote access. HMS Ewon Flexy is a remote access gateway device. Both HMS Cosy+ and HMS Ewon Flexy have security vulnerabilities, which stem from improper handling of specially...
HMS Ewon Flexy和HMS Networks HMS Cosy+ 安全漏洞
HMS Cosy+ and HMS Ewon Flexy are both products from the Swedish company HMS Networks. HMS Cosy+ is an application used for industrial remote access. HMS Ewon Flexy is a remote access gateway device. There are security vulnerabilities in HMS Ewon Flexy and HMS Cosy+, which stem from improper...
HMS Ewon Flexy和HMS Networks HMS Cosy+ 安全漏洞
HMS Networks HMS Cosy+ is an application for industrial remote access developed by the Swedish company HMS Networks. HMS Ewon Flexy is a remote access gateway device produced by HMS Company in Sweden. There are security vulnerabilities in both HMS Ewon Flexy and HMS Networks HMS Cosy+. These...
HMS Cosy+和HMS Ewon Flexy 安全漏洞
HMS Cosy+ and HMS Ewon Flexy are both products from the Swedish company HMS. HMS Cosy+ is an application used for industrial remote access. HMS Ewon Flexy is a remote access gateway device. Both HMS Cosy+ and HMS Ewon Flexy have security vulnerabilities; these vulnerabilities stem from weak entro...
CVE-2026-25823
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...
CVE-2026-25819
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service by using a specially crafted HTTP request that leads to a reboot of the device, provided they hav...
CVE-2026-25818
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have weak entropy for authentication cookies, allowing an attacker with a stolen session cookie to find the user password by brute-forcing an encryption...
CVE-2026-25817
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have improper neutralization of special elements used in an OS command allowing remote code execution by attackers with low privilege access on the gateway,...
CVE-2026-25823
Affected products: HMS Networks Ewon Flexy (firmware before 15.0s4) and Cosy+ (firmware before 22.1s6 and before 23.0s3). Issue: stack buffer overflow in the affected WEB/firmware stack leads to Denial of Service, with potential for Unauthenticated Remote Code Execution. Root cause: insufficient ...