Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/08/19 12:0 a.m.234 views

Ewon Cosy+ Improper Neutralization / Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-016 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Input During We...

7.4AI score0.00715EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/08/12 6:57 a.m.34 views

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

Security vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused to gain root privileges to the devices and stage follow-on attacks. The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as...

9.1CVSS8.3AI score0.04023EPSS
Exploits13
NVD
NVD
added 2024/08/02 6:16 p.m.27 views

CVE-2024-33893

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3...

6.1CVSS0.00715EPSS
Exploits5References6
Vulnrichment
Vulnrichment
added 2024/08/02 12:0 a.m.15 views

CVE-2024-33893

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3...

6.2AI score0.00715EPSS
Exploits5References4
Rows per page
Query Builder