29 matches found
EUVD-2014-2393
Malware in sbrugna...
EUVD-2012-2984
Malware in sbrugna...
EUVD-2015-3997
Malware in sbrugna...
CVE-2012-3006
The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuard delta HW before HW-103060 and BD before BD-211010, mGuard PCI, mGuard blade, and EAGLE mGuard appliances with software before 7.5.0 do not use a sufficient source of entropy for private keys, whi...
PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: PHOENIX CONTACT, Innominate Security Technologies Equipment: mGuard firmware Vulnerability: Null Pointer Dereference AFFECTED PRODUCTS The following versions of mGuard firmware versions 8.0.0 to 8.5.1, running on thes...
Innominate mGuard IPsec SA establishment process denial of service vulnerability
The IPsec SA establishment process on Innominate mGuard device is an IPsec SA establishment process from Innominate, Germany, that runs on a family of network security appliances including firewalls and VPNs. A security vulnerability exists in the IPsec SA establishment process in Innominate mGua...
Design/Logic Flaw
The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service VPN service restart by leveraging a peer relationship to send a crafted configuration with compression...
CVE-2015-3966
CVE-2015-3966 affects Innominate mGuard devices running firmware 8.x prior to 8.1.7. The vulnerability exists in the IPsec SA establishment process and can be triggered by a peer sending a crafted configuration with compression, leading to a denial-of-service (VPN service restart). Affected firmw...
CVE-2015-3966
The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service VPN service restart by leveraging a peer relationship to send a crafted configuration with compression...
Innominate mGuard VPN Vulnerability
OVERVIEW Innominate mGuard has self identified a denial-of-service DoS vulnerability in the Innominate mGuard device. Inominate has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following mGuard versions are affected:...
CVE-2014-9193
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting...
Design/Logic Flaw
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting...
CVE-2014-9193
Summary: CVE-2014-9193 affects Innominate mGuard industrial routers. The vulnerability is an improper privilege management flaw that allows an authenticated administrator to escalate to root privileges by modifying a PPP configuration setting. Affected versions: Firmware before 7.6.6 and 8.x befo...
CVE-2014-9193 Innominate mGuard Improper Privilege Management
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting...
PT-2014-8879 · Innominate · Mguard
Name of the Vulnerable Software and Affected Versions: Innominate mGuard versions prior to 7.6.6 Innominate mGuard versions 8.x prior to 8.1.4 Description: The issue allows remote authenticated administrators to gain root privileges by modifying a specific PPP configuration setting...
Innominate mGuard Privilege Escalation Vulnerability
OVERVIEW Innominate Security Technologies has identified a privilege escalation vulnerability affecting all mGuard devices. Innominate has produced a firmware patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following Innominate mGuard...
CVE-2014-2356
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request...
Cross site request forgery (csrf)
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request...
ICS-CERT Warns of Flaw in Innominate mGuard Secure Cloud Product
The ICS-CERT is warning users about a vulnerability in a secure public cloud product from Innominate that enables an attacker to gain valuable configuration data about a target system, information that could be used in future attacks. The vulnerability is an information disclosure bug in the...
CVE-2014-2356
CVE-2014-2356 affects Innominate mGuard devices. Affected firmware prior to 7.6.4 and 8.x before 8.0.3 allow remote attackers to download configuration snapshots via a crafted HTTPS request without authentication, enabling unauthorized information disclosure (network exposure). The ICS-CERT advis...