29 matches found
EUVD-2021-18377
Malware in sbrugna...
EUVD-2020-17888
Malware in sbrugna...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16246)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16242)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts. This plugin only works with Tenable.ot. Please...
CVE-2021-31477
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain...
CVE-2020-25193
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...
CVE-2020-25197
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
CVE-2020-25197
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
CVE-2020-25193
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...
CVE-2020-25197
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
Code injection
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
Hardcoded credentials
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...
CVE-2020-25193
The CVE-2020-25193 issue affects GE Reason RT430, RT431 and RT434 GNSS clocks with firmware versions prior to 08A06. The root cause is a hard-coded cryptographic key that allows an attacker to intercept and decrypt HTTPS traffic. Impact is partial confidentiality loss in encrypted communications....
CVE-2020-25193 GE Reason RT43X Clocks Use of Hard-coded Cryptographic Key
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...
CVE-2020-25193 GE Reason RT43X Clocks Use of Hard-coded Cryptographic Key
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...
CVE-2020-25197
Summary: CVE-2020-25197 affects GE Reason RT43X GNSS clocks (RT430, RT431, RT434). The underlying issue is a code injection vulnerability in webpages served by the device, allowing an authenticated remote attacker to execute arbitrary code on the system. Affected firmware versions are prior to 08...
CVE-2020-25197 GE Reason RT43X Clocks Code Injection
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
CVE-2020-25197 GE Reason RT43X Clocks Code Injection
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system...
PT-2022-8710 · Ge · Ge Reason Rt430 +2
Name of the Vulnerable Software and Affected Versions: GE Reason RT430, RT431 & RT434 GNSS clocks versions prior to 08A06 Description: The issue allows attackers to intercept and decrypt encrypted traffic through an HTTPS connection by having access to the hard-coded cryptographic key. This could...
CVE-2021-31477
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain...