EUVD-2018-10125

Malware in sbrugna...

Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger...

Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability

Summary A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested Version...

Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities

Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...

Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities

Summary Two denial of service vulnerabilities exist in the Modbus/SeaMAX Remote Configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger these vulnerabilities...