CVE-2012-1808

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 does not require authentication, which allows remote attackers to perform unspecified functions via unknown vectors...

Design/Logic Flaw

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to cause a denial of service resource consumption via unspecified vectors...

CVE-2012-1807

Cross-site scripting XSS vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1806

The CVE-2012-1806 entry concerns weak password requirements in the Koyo ECOM Ethernet modules (H0/H0-ECOM, H2-ECOM, H2-ECOM-F/100, H4-ECOM, H4-ECOM-F/100) used with DirectLogic DL06/DL205/DL405 PLC families. The root cause is a maximum 8-byte password limit enabling brute-force access (CWE-521). ...

CVE-2012-1806

The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 supports a maximum password length of 8 bytes, which makes it easier for remote attackers to obtain access via a brute-force attack...

CVE-2012-1807

CVE-2012-1807 is an XSS vulnerability in the web server of the ECOM Ethernet module (Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, H4-ECOM100). The issue affects the web interface and allows remote attackers to inject arbitrary script/HTML via unspecified vectors. ...

CVE-2012-1805

Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to execute arbitrary code via long strings in unspecified parameters...