Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/08/31 5:1 p.m.52 views

CVE-2023-41034 DDFFileParser in eclipse leshan is vulnerable to XXE Attacks

Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser and DefaultDDFFileValidator and so ObjectLoader are vulnerable to XXE Attacks. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if the...

6.5CVSS9.6AI score0.00568EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/09/29 1:42 a.m.32 views

CVE-2020-11015 Device Authentication Vulnerability in thinx-device-api IoT Device Management Server

A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...

7.5CVSS9.2AI score0.00737EPSS
Exploits0References1
NVD
NVD
added 2020/04/30 6:15 p.m.23 views

CVE-2020-11015

A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...

9.1CVSS7.8AI score0.00737EPSS
Exploits0References1
Prion
Prion
added 2020/04/30 6:15 p.m.16 views

Design/Logic Flaw

A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...

6.4CVSS9AI score0.00737EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder