17 matches found
EUVD-2019-8031
Malware in sbrugna...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
Server side request forgery (ssrf)
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
Cross site scripting
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18235
Affected: Advantech Spectre RT ERT351 firmware versions 5.1.3 and prior. Issue: CVE-2019-18235 is caused by insufficient login authentication parameters in the web application, potentially allowing a brute-force password attack to gain full access. Impact: high risk with CVSS v3.1 base score 9.8 ...
CVE-2019-18235
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
CVE-2019-18231
CVE-2019-18231 affects Advantech Spectre RT ERT351 firmware 5.1.3 and earlier, where login credentials are transmitted in clear text. The ICSA advisory confirms a cleartext transmission vulnerability with CVSS v3 base score 7.5 (Network, Low complexity, No privileges required, Confidentiality imp...
CVE-2019-18233
CVE-2019-18233 affects Advantech Spectre RT Industrial Routers (ERT351) firmware 5.1.3 and earlier. Root cause: improper neutralization of input during web page generation, enabling reflected XSS via error responses. Impact per sources: potential script/HTML injection affecting users viewing erro...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
Advantech Spectre RT ERT351 Password Plaintext Transfer Vulnerability
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. The Advantech Spectre RT ERT351 suffers from a password cleartext transfer vulnerability that could be exploited by remote attackers to hijack communications and obtain sensitive information...
Advantech Spectre RT ERT351 Brute Force Vulnerability
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. A security vulnerability exists in the Advantech Spectre RT ERT351 that allows a remote attacker to exploit the vulnerability by submitting a special request that can be brute-force broken to...
Advantech Spectre RT ERT351 firmware 跨站脚本漏洞
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. The Advantech Spectre RT ERT351 error response handling suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or...
None Advantech Spectre RT ERT351 firmware 安全漏洞
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. A security vulnerability exists in the Advantech Spectre RT ERT351 that allows a remote attacker to exploit the vulnerability by submitting a special request that can be brute-force broken to...