64 matches found
CVE-2020-10042
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network...
CVE-2020-10045
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application...
CVE-2020-10041
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A stored Cross-Site-Scripting XSS vulnerability is present in different locations of the web application. An attacker might be able to take over a session of a legitimate user...
EUVD-2020-2505
Malware in sbrugna...
EUVD-2020-2503
Malware in sbrugna...
EUVD-2020-2507
Malware in sbrugna...
EUVD-2020-2509
Malware in sbrugna...
EUVD-2020-2508
Malware in sbrugna...
EUVD-2020-2510
Malware in sbrugna...
Siemens SICAM T和Siemens SICAM 安全漏洞
Siemens SICAM T and Siemens SICAM are products of Siemens, Germany.Siemens SICAM T is a digital measurement sensor for industrial environments. The device is used in industrial, power plant and substation environments to measure the amount of electricity in an electrical network in a single...
CVE-2022-29880
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the...
CVE-2022-29881
A vulnerability has been identified in SICAM T All versions V3.0. The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details...
CVE-2022-29874
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device...
CVE-2022-29878
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, an...
CVE-2022-29882
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs - perform arbitrary...
CVE-2022-29883
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication...
CVE-2022-29876
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks...
CVE-2022-29879
A vulnerability has been identified in SICAM T All versions V3.0. The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information...
CVE-2022-29873
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute...
CVE-2022-29872
A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on...