14 matches found
CVE-2019-18997
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
CVE-2019-18995
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting...
EUVD-2019-8649
Malware in sbrugna...
EUVD-2019-8651
Malware in sbrugna...
CVE-2019-18997
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
CVE-2019-18997
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
CVE-2019-18995
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting...
CVE-2019-18995
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting...
Design/Logic Flaw
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting...
Path traversal
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
CVE-2019-18997
ABB PB610 Panel Builder 600's HMISimulator component exposes a path traversal vulnerability. In PB610 HMISimulator versions 2.8.0.424 and earlier, the readFile/writeFile interface can manipulate the work file in a way that may allow access to files outside the working directory, enabling unauthor...
CVE-2019-18997 PB610 HMISimulator provides interface with access to arbitrary files
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
CVE-2019-18995 ABB PB610 HMISimulator does not check content-length of the HTTP request
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting...
CVE-2019-18995
The CVE-2019-18995 issue affects ABB PB610 Panel Builder 600 HMISimulator component, specifically versions 2.8.0.424 and earlier. The root cause is that the HMISimulator fails to validate the HTTP Content-Length header, allowing crafted HTTP requests to trigger a denial-of-service condition. Mult...