EUVD-2018-7358

Malware in sbrugna...

CVE-2025-8638 Kenwood DMX958XR Firmware Update Command Injection Vulnerability

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2019-5156

An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.0214, 03.01.0713, and 03.00.3912. An attacker can inject operating system commands into the TimeoutPrepared parameter value contained in the firmware update command...

WAGO PFC200 OS Command Injection Vulnerability (CNVD-2020-19519)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. The WAGO PFC200 suffers from an operating system command injection vulnerability that can be exploited by an attacker to inject operating system commands into the value of the TimeoutPrepared parameter contained in the...

The vulnerability of the FTP server of the microprogramming software for Schneider Electric Modicon Quantum control devices arises from deficiencies in access control. This allows a intruder to execute arbitrary code, cause system failures, or upload malicious firmware.

The vulnerability of the microprogrammed logic controller Schneider Electric Modicon Quantum software is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to execute arbitrary code, cause malfunctions, or upload malicious firmware using a special FTP...