CVE-2022-3228

Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device...

CVE-2022-3228

Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device...

Stack overflow

Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device...

CVE-2022-3228

The CVE-2022-3228 vulnerability affects Host Engineering H0-ECOM100 Communications Module Firmware v5.0.155 and earlier. An attacker can trigger a stack-based buffer overflow by writing into the name or description fields that exceed the buffer size, potentially crashing the device or making it u...

CVE-2022-3228

Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device...

PT-2022-21202 · Host Engineering · H0-Ecom100 Communications Module Firmware

Name of the Vulnerable Software and Affected Versions: Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior Description: The issue allows an attacker to cause a stack-based buffer overflow by writing into name or description fields with data larger than the...

Host Engineering Communications Module

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Host Engineering Equipment: H0-ECOM100 Communications Module Vulnerability: Stack-based Buffer overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet-controllers from DirectLOGIC, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet controllers from DirectLOGIC is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted packet...

CVE-2012-1808

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 does not require authentication, which allows remote attackers to perform unspecified functions via unknown vectors...

Design/Logic Flaw

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to cause a denial of service resource consumption via unspecified vectors...

CVE-2012-1806

The CVE-2012-1806 entry concerns weak password requirements in the Koyo ECOM Ethernet modules (H0/H0-ECOM, H2-ECOM, H2-ECOM-F/100, H4-ECOM, H4-ECOM-F/100) used with DirectLogic DL06/DL205/DL405 PLC families. The root cause is a maximum 8-byte password limit enabling brute-force access (CWE-521). ...

CVE-2012-1806

The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 supports a maximum password length of 8 bytes, which makes it easier for remote attackers to obtain access via a brute-force attack...