CVE-2025-1680

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected...

CVE-2025-1680

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected...

EUVD-2025-35687

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

Moxa Ethernet switches 安全漏洞

Moxa Ethernet switches is an industrial-grade network switch from Moxa Corporation of Taiwan, China. A security vulnerability exists in Moxa Ethernet switches, which originates from a stored cross-site scripting attack that could result in the loss of confidentiality and integrity of subsequent...

EUVD-2018-1078

Malware in sbrugna...

EUVD-2016-10145

Malware in sbrugna...

EUVD-2003-1497

Malware in sbrugna...

EUVD-2024-18180

Malicious code in bioql PyPI...

CVE-2025-41653 Weidmueller: Denial-of-Service Vulnerability in the web server functionality of Industrial Ethernet Switches

An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive...

CVE-2025-41653 Weidmueller: Denial-of-Service Vulnerability in the web server functionality of Industrial Ethernet Switches

An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive...

CVE-2025-41652 Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes,...

CVE-2025-41652 Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes,...

CVE-2025-41651

CVE-2025-41651 concerns a missing authentication flaw in Weidmueller industrial Ethernet switches (e.g., E-SW-VL08MT-8TX, IE-SW-PL10M-3GT-7TX, IE-SW-PL16M-16TX, IE-SW-PL18M-2GC-16TX). The root cause is lack of authentication for a critical function, enabling an unauthenticated remote attacker to ...

CVE-2025-41650 Weidmueller: Denial-of-Service Vulnerability in Industrial Ethernet Switches

An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service...

CVE-2025-41650

CVE-2025-41650 affects Weidmueller Interface industrial Ethernet switches. Multiple product lines are affected by insufficient input validation in cmd service handling, enabling an unauthenticated remote attacker to disrupt operations and cause a denial-of-service. Affected products and minimum f...

CVE-2025-41650 Weidmueller: Denial-of-Service Vulnerability in Industrial Ethernet Switches

An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service...

CVE-2025-41649 Weidmueller: Out-of-Bounds Write Vulnerability in Industrial Ethernet Switches

An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices...

CVE-2025-41649 Weidmueller: Out-of-Bounds Write Vulnerability in Industrial Ethernet Switches

An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices...

CVE-2025-41649

CVE-2025-41649 describes an out-of-bounds write vulnerability caused by insufficient input validation in certain Weidmueller industrial Ethernet switches (e.g., IE-SW-PL10M-3GT-7TX family). An unauthenticated remote attacker can trigger data writes beyond buffer bounds, potentially leading to a d...

CVE-2024-20465

A vulnerability in the access control list ACL programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs o...