34 matches found
EUVD-2014-2989
Malware in sbrugna...
EUVD-2010-4257
Malware in sbrugna...
EUVD-2014-2759
Malware in sbrugna...
VulnCheck KEV: CVE-2014-2908
Cross-site scripting XSS vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Siemens CP1604 and CP1616 Improper Neutralization of Input During Web Page Generation (CVE-2018-13809)
A vulnerability has been identified in CP 1604 All versions, CP 1616 All versions. The integrated web server of the affected CP devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful...
CVE-2022-45937
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, TALON TC Compact BACnet All versions V3.5.5, TALON TC...
Information disclosure
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, TALON TC Compact BACnet All versions V3.5.5, TALON TC...
CVE-2022-45937
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, TALON TC Compact BACnet All versions V3.5.5, TALON TC...
Siemens SIMATIC S7-1200 HTTP Response Splitting (CVE-2014-2908)
Cross-site scripting XSS vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit...
Siemens BACnet Field Panels Authentication Bypass Using an Alternate Path or Channel (CVE-2017-9946)
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions V3.5. An attacker with network access to the integrated web server 80/tcp and 443/tcp could bypass the authentication and download sensitive information from the device. This plugi...
Siemens EN100 Ethernet Module Relative Path Traversal (CVE-2019-13944)
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
Siemens SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs (CVE-2016-8672)
A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...
CVE-2020-15799
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...
Design/Logic Flaw
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...
CVE-2020-15799
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...
CVE-2019-13944
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
PT-2019-13485 · Hms Networks · En100 Ethernet Module Iec 61850 Variant +4
Name of the Vulnerable Software and Affected Versions: EN100 Ethernet module DNP3 variant All versions EN100 Ethernet module IEC 61850 variant All versions V4.37 EN100 Ethernet module IEC104 variant All versions EN100 Ethernet module Modbus TCP variant All versions EN100 Ethernet module PROFINET ...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...
CVE-2019-13525
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network...
Hardcoded credentials
In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs Network Video Recorders, which can be accessed without authentication over the network...