CVE-2022-2336

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as admin and password as admin. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the...

CVE-2022-2338

Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may...

CVE-2022-2334

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22...

Design/Logic Flaw

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

PT-2022-6555 · Softing · Softing Edgeconnector +5

Name of the Vulnerable Software and Affected Versions: Softing OPC UA C++ Server SDK affected versions not specified Softing Secure Integration Server affected versions not specified Softing edgeAggregator affected versions not specified Softing edgeConnector affected versions not specified Softi...