47 matches found
CVE-2023-7342 Belden HiSecOS Web Server Privilege Escalation
HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this fla...
PT-2026-29891
HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can explo...
Belden HiSecOS 安全漏洞
Belden HiSecOS is an operating system for industrial security routers developed by the American company Belden. There were security vulnerabilities in versions of the Belden HiSecOS web server prior to 08.3.02. These vulnerabilities stemmed from a permission escalation issue when specially crafte...
Belden HiSecOS 安全漏洞
Belden HiSecOS is an operating system for industrial security routers developed by the American company Belden. Versions of Belden HiSecOS prior to 04.1.00 contained security vulnerabilities. These vulnerabilities stemmed from a permission escalation issue when sending specially crafted data...
CVE-2021-27734
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users...
CVE-2023-53908
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mopsdata endpoint with a specific role value to elevate their user privileges to...
CVE-2023-53908 HiSecOS 04.0.01 Privilege Escalation via User Role Modification
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mopsdata endpoint with a specific role value to elevate their user privileges to...
CVE-2023-53908 HiSecOS 04.0.01 Privilege Escalation via User Role Modification
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mopsdata endpoint with a specific role value to elevate their user privileges to...
Belden HiSecOS 安全漏洞
Belden HiSecOS is an operating system for industrial security routers from Belden USA. A security vulnerability exists in Belden HiSecOS version 04.0.01 that stems from mishandling of XML configuration, which could lead to elevation of privilege...
EUVD-2021-14476
Malware in sbrugna...
EUVD-2020-28134
Malware in sbrugna...
Hirschmann HiOS Switches Improper Authentication (CVE-2021-27734)
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVE...
Hirschmann Automation and Control HiOS and HiSecOS Products Buffer Copy Without Checking Size of Input (CVE-2020-6994)
A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The...
HiSecOS 04.0.01 - Privilege Escalation Exploit
Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Exploit Author: dreizehnutters Vendor Homepage: https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=15437&mediaformatid=50063&destinationid=10016 Version...
HiSecOS 04.0.01 Privilege Escalation
Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Date: 21.06.2023 Exploit Author: dreizehnutters Vendor Homepage:...
HiSecOS 04.0.01 - Privilege Escalation
Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Date: 21.06.2023 Exploit Author: dreizehnutters Vendor Homepage:...
CVE-2021-27734
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users...
CVE-2021-27734
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users...
Design/Logic Flaw
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users...
CVE-2021-27734
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users...