Lucene search
K

17 matches found

EUVD
EUVD
added 2026/04/04 12:31 a.m.5 views

EUVD-2017-18961

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS6.2AI score0.00683EPSS
Exploits0References3
NVD
NVD
added 2026/04/03 11:17 p.m.9 views

CVE-2017-20236

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS0.00683EPSS
Exploits0References2
NVD
NVD
added 2026/04/03 11:17 p.m.10 views

CVE-2017-20235

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

9.8CVSS0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/03 10:54 p.m.23 views

CVE-2017-20236 ProSoft Technology ICX35-HWC Command Injection via Web Interface

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS0.00683EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 10:54 p.m.3 views

CVE-2017-20236 ProSoft Technology ICX35-HWC Command Injection via Web Interface

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS6.2AI score0.00683EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 10:51 p.m.6 views

CVE-2017-20235 ProSoft Technology ICX35-HWC Authentication Bypass

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

9.3CVSS5.9AI score0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/03 10:51 p.m.20 views

CVE-2017-20235 ProSoft Technology ICX35-HWC Authentication Bypass

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

9.3CVSS0.00451EPSS
Exploits0References2
CVE
CVE
added 2026/04/03 10:51 p.m.15 views

CVE-2017-20235

CVE-2017-20235 affects ProSoft Technology ICX35-HWC gateways (firmware version 1.3 and earlier). The issue is an authentication bypass in the web user interface that lets unauthenticated attackers access administrative functions and full device configuration without valid credentials. Affected co...

9.8CVSS5.9AI score0.00451EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

ProSoft ICX35-HWC 操作系统命令注入漏洞

The ProSoft ICX35-HWC is an industrial-grade cellular communication gateway device from the ProSoft company in the United States. Versions of ProSoft ICX35-HWC prior to version 1.3 contained a vulnerability related to operating system command injection. This vulnerability stemmed from input...

9.8CVSS6AI score0.00683EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30260

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS6.2AI score0.00683EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30259

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

9.3CVSS5.9AI score0.00451EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.14 views

CVE-2021-22661

Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E Versions 1.9.62 and prior...

7.5CVSS7AI score0.01019EPSS
Exploits0References1
NVD
NVD
added 2021/02/26 3:15 p.m.22 views

CVE-2021-22661

Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E Versions 1.9.62 and prior...

7.5CVSS0.01019EPSS
Exploits0References1
Prion
Prion
added 2021/02/26 3:15 p.m.15 views

Type confusion

Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E Versions 1.9.62 and prior...

5CVSS7.5AI score0.01019EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/02/26 2:50 p.m.26 views

CVE-2021-22661

Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E Versions 1.9.62 and prior...

7.7AI score0.01019EPSS
Exploits0References1
CVE
CVE
added 2021/02/26 2:50 p.m.166 views

CVE-2021-22661

ProSoft Technology ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and earlier) are affected by CVE-2021-22661. The issue stems from permissions/privileges and access controls in the module web interface: changing the password on the module webpage does not require the current password, allowing a p...

7.5CVSS7.5AI score0.01019EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2021/02/25 12:0 a.m.153 views

ProSoft Technology ICX35

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ProSoft Technology Equipment: ICX35-HWC-A and ICX35-HWC-E Vulnerability: Permissions, Privileges, and Access Controls 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

7.5CVSS7.8AI score0.01019EPSS
Exploits0References5
Rows per page
Query Builder