35 matches found
EUVD-2020-4815
Malware in sbrugna...
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12512
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
CVE-2020-12514
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12514
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
CVE-2020-12511
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...
Null pointer dereference
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
Cross site scripting
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
Cross site request forgery (csrf)
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...
Command injection
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12512
CVE-2020-12512 affects Pepperl+Fuchs Comtrol IO-Link Master (System 1.36 / Application 1.5.x) up to 1.5.28/1.5.48 (and below). The issue is an authenticated reflected POST Cross‑Site Scripting vulnerability in the device/web interface. Vulnerable component: IO-Link Master firmware/applications; r...
CVE-2020-12514
CVE-2020-12514 affects Pepperl+Fuchs Comtrol IO-Link Master (versions 1.5.48 and earlier). The vulnerability is a NULL pointer dereference in the discoveryd component, causing a DoS. The provided connected documents confirm the affected product and version range and describe the root cause as a N...
CVE-2020-12514 Pepper+Fuchs Comtrol IO-Link Master NULL Pointer Dereference
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
CVE-2020-12511 Pepper+Fuchs Comtrol IO-Link Master Cross-Site Request Forgery
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...
CVE-2020-12512 Pepper+Fuchs Comtrol IO-Link Master Cross-Site Scripting
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
CVE-2020-12513 Pepper+Fuchs Comtrol IO-Link Master OS Command Injection
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12511
Pepperl+Fuchs Comtrol IO-Link Master (Series) is affected by a CSRF vulnerability in the web interface for versions 1.5.48 and earlier. The issue arises in the device’s web UI and is reported to allow unauthorized actions via cross-site requests. Proof/coverage from multiple sources confirms vuln...
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master Series is affected by CVE-2020-12513. Vulnerable versions include System 1.36 and Application 1.5.28 (and 1.5.48 and earlier per CVE listing) with an authenticated blind OS Command Injection. Fixed versions are System 1.52 and Application 1.6.11. The vulnerabi...
CVE-2020-12501
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions use undocumented accounts...