Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.13 views

Westermo WeOS Stack-Based Buffer Overflow (CVE-2015-7547)

An attacker that successfully masquerade as an upstream DNS server may serve the WeOS device with malicious DNS query response that can allow the attacker full unauthorized access to the device. The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo...

8.1CVSS7.8AI score0.89557EPSS
Exploits17References2
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.5 views

Westermo Lynx 206-F2G Code Injection Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G. An attacker can exploit this vulnerability to execute malicious code...

8CVSS7AI score0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.6 views

Westermo Lynx 206-F2G Security Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G. An attacker can exploit this vulnerability to execute malicious code...

6.6CVSS7AI score0.0037EPSS
Exploits0References2
ICS
ICS
added 2016/10/31 6:0 a.m.29 views

Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...

9.3CVSS9.3AI score0.01206EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2016/08/24 12:0 a.m.17 views

Westermo WeOS Detection (SNMP)

SNMP based detection of Westermo WeOS devices like e.g. Westermo Falcon, Westermo Lynx or Westermo RedFox. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/08/24 12:0 a.m.25 views

Westermo WeOS < 4.19.0 Hard-coded Certificate Vulnerability

Westermo WeOS uses the same SSL private key across different customers installations. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS9.2AI score0.01206EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2016/01/30 12:59 p.m.5 views

CVE-2015-7923

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key...

9.3CVSS5.5AI score0.01206EPSS
Exploits0References2
NVD
NVD
added 2016/01/30 12:59 p.m.10 views

CVE-2015-7923

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key...

9.3CVSS9AI score0.01206EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/01/30 11:0 a.m.20 views

CVE-2015-7923

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key...

9AI score0.01206EPSS
Exploits0References1
ICS
ICS
added 2016/01/28 12:0 a.m.34 views

Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...

9.3CVSS0.4AI score0.01206EPSS
Exploits0References19
Rows per page
Query Builder