41 matches found
PT-2025-44154
Name of the Vulnerable Software and Affected Versions TropOS 4th Gen affected versions not specified Description The “Diagnostics Tools” page within the web-based configuration utility does not adequately validate user-supplied input. This allows a user with high-level authentication to inject...
Hitachi TropOS 4th Gen 操作系统命令注入漏洞
Hitachi TropOS 4th Gen is a wireless communication device from Hitachi, Japan. An operating system command injection vulnerability exists in Hitachi TropOS 4th Gen. The vulnerability stems from a command injection in the Logging page of the Network Configuration Tool, which could lead to a...
Hitachi TropOS 4th Gen 操作系统命令注入漏洞
Hitachi TropOS 4th Gen is a wireless communication device from Hitachi, Ltd Hitachi, Japan. An operating system command injection vulnerability exists in Hitachi TropOS 4th Gen. The vulnerability stems from the Diagnostics Tools page in the Web Configuration Tool not properly validating user inpu...
Hitachi TropOS 4th Gen 安全漏洞
Hitachi TropOS 4th Gen is a wireless communication device from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi TropOS 4th Gen, which originates from misuse of scripts and executables, and could allow an unauthorized user to gain unrestricted root shell access...
PT-2025-44153
Name of the Vulnerable Software and Affected Versions TropOS 4th Gen affected versions not specified Description An authenticated user with the ability to run user level shell commands can enable access via secure shell SSH to an unrestricted root shell by making minor configuration changes to th...
PT-2025-44152
Name of the Vulnerable Software and Affected Versions TropOS 4th Gen affected versions not specified Description A command injection vulnerability exists in the “Logging” page of the web-based configuration utility. An authenticated user with low privileged network access for the configuration...
EUVD-2012-4823
Malware in sbrugna...
CVE-2012-4898
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere...
Hitachi Energy TRO600
RISK EVALUATION Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive...
CVE-2024-41156
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access...
CVE-2024-41156
CVE-2024-41156 affects Hitachi Energy TRO600 radios; the issue is a command-execution/privilege-leak risk via the Edge Computing UI, with profile files from TRO600 radios exportable in plaintext and encrypted formats. Exploitation requires authenticated write access, enabling access to configurat...
CVE-2024-41156
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access...
Hitachi ABB Power Grids TropOS
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Hitachi ABB Power Grids Equipment: TropOS Vulnerabilities: Injection, Inadequate Encryption Strength, Missing Authentication for Critical Function, Improper Authentication, Improper Validation of Integrity Check Value,...
ABB TropOS
CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features AFFECTED PRODUCTS ABB reports that the key reinstallation attacks KRACK potentially affect all TropOS broadband mesh routers and bridges operating on Mesh OS release 8.5.2 or prior. IMPACT Successful exploitation of thes...
ABB TropOS (Update A)
CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-318-02 ABB TropOS that was published November 14, 2017, on the NCCIC/ICS-CERT website. AFFECTED PRODUCTS ABB reports that th...
CVE-2012-4898
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere...
Design/Logic Flaw
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere...
CVE-2012-4898
CVE-2012-4898 affects Tropos Networks’ Mesh OS prior to 7.9.1.1. The vulnerability stems from insufficient entropy used to generate SSH host keys, enabling a remote attacker to perform a Man-in-the-Middle attack by exploiting knowledge of non-unique keys from another installation. Impact includes...
CVE-2012-4898 Tropos Wireless Mesh Routers Insufficient Entropy
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere...
PT-2012-5647 · Tropos · Mesh Os
Name of the Vulnerable Software and Affected Versions: Tropos wireless mesh routers Mesh OS versions prior to 7.9.1.1 Description: The issue is related to insufficient entropy for SSH keys, making it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by...