Lucene search
+L

65 matches found

Cvelist
Cvelist
added 2024/08/10 3:52 a.m.35 views

CVE-2024-5801 IP Forwarding enabled in B&R Automation Runtime

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering...

5.3CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2024/08/10 3:52 a.m.57 views

CVE-2024-5801

CVE-2024-5801 affects B&R Automation Runtime; enabling IP Forwarding in versions before 6.0.2 may allow remote attackers to route IP packets through the host, potentially bypassing firewall/NAC filtering. Base score 5.3 (MEDIUM). Remediation: upgrade to 6.0.2 or later. Exploitation details are no...

5.3CVSS6.7AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/10 3:52 a.m.22 views

CVE-2024-5801 IP Forwarding enabled in B&R Automation Runtime

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering...

5.3CVSS7.1AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 12:15 p.m.23 views

CVE-2024-38278

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X All versions V5.9.0, RUGGEDCOM RMC8388NC V5.X All versions V5.9.0, RUGGEDCOM RS416NCv2 V5.X All versions V5.9.0, RUGGEDCOM RS416PNCv2 V5.X All versions V5.9.0, RUGGEDCOM RS416Pv2 V5.X All versions V5.9.0, RUGGEDCOM RS416v2 V5.X All...

7.5CVSS0.00344EPSS
Exploits0References1
CVE
CVE
added 2024/07/09 12:5 p.m.63 views

CVE-2024-38278

CVE-2024-38278 affects Siemens RuggedCom devices with IP Forwarding enabled. The issue allows remote services to be exposed in non-managed VLANs, potentially enabling a remote shell on the affected system. Affected families include RMC8388, RS416NCv2, RS416PNCv2, RS416Pv2, RS416v2, RS900 series, ...

7.5CVSS6.2AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/09 12:5 p.m.12 views

CVE-2024-38278

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X All versions V5.9.0, RUGGEDCOM RMC8388NC V5.X All versions V5.9.0, RUGGEDCOM RS416NCv2 V5.X All versions V5.9.0, RUGGEDCOM RS416PNCv2 V5.X All versions V5.9.0, RUGGEDCOM RS416Pv2 V5.X All versions V5.9.0, RUGGEDCOM RS416v2 V5.X All...

7.5CVSS6.2AI score0.00344EPSS
Exploits0References1
CNVD
CNVD
added 2024/03/01 12:0 a.m.10 views

MOXA EDS-4000/G4000 Series Security Bypass Vulnerability

MOXA EDS-4000/G4000 Series is a series of industrial managed Ethernet switches from MOXA, China. A security bypass vulnerability exists in MOXA EDS-4000/G4000 Series prior to version 3.2, which originates from a user-deactivatable IP forwarding feature, and can be exploited by an attacker to bypa...

6.5CVSS6.8AI score0.00538EPSS
Exploits0References1
NVD
NVD
added 2024/02/26 4:27 p.m.22 views

CVE-2024-0387

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests...

6.5CVSS6.5AI score0.00538EPSS
Exploits0References1
Prion
Prion
added 2024/02/26 4:27 p.m.20 views

Design/Logic Flaw

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests...

5.2CVSS7.4AI score0.00538EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/26 1:26 p.m.29 views

CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests...

6.5CVSS6.7AI score0.00538EPSS
Exploits0References1
CVE
CVE
added 2024/02/26 1:26 p.m.109 views

CVE-2024-0387

The CVE-2024-0387 issue affects MOXA EDS-4000/G4000 Series before version 3.2. The vulnerability stems from an IP forwarding capability that users cannot deactivate, allowing an attacker to send requests to the device and have them forwarded to a target, potentially bypassing access controls and ...

6.5CVSS6.5AI score0.00538EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/26 1:26 p.m.11 views

CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests...

6.5CVSS6.5AI score0.00538EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/26 12:0 a.m.7 views

PT-2024-1844 · Unknown · Eds-4000/G4000 Series

Name of the Vulnerable Software and Affected Versions: EDS-4000/G4000 Series versions prior to 3.2 Description: The issue is related to a bypass of access control mechanisms in the web service of the EDS-4000/G4000 Series managed switch firmware. This could allow a remote attacker to send request...

7.7CVSS7.3AI score0.00538EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2023/04/17 12:0 a.m.9 views

CVE-2023-28971 Paragon Active Assurance: Enabling the timescaledb enables IP forwarding

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the timescaledb feature of Juniper Networks Paragon Active Assurance PAA Formerly Netrounds allows an attacker to bypass existing firewall rules and limitations used to restrict internal communcations. The Tes...

7.2CVSS7AI score0.00382EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 7:59 p.m.97 views

K16430721: IP forwarding vulnerability CVE-1999-0511

Security Advisory Description IP forwarding is enabled on a machine which is not a router or firewall. CVE-1999-0511 Impact F5 products are not affected by this vulnerability in default configurations. However, Nessus or similar scanning tools may send alerts for BIG-IP systems in the following...

9.1CVSS6.5AI score0.06908EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/11/09 8:0 a.m.2 views

handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet resulting in Denial of Service.

...

6.5CVSS6.7AI score0.5346EPSS
Exploits1
OSV
OSV
added 2022/11/07 3:15 a.m.1 views

ALPINE-CVE-2022-44793

handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

6.5CVSS6.9AI score0.5346EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/11/24 12:0 a.m.34 views

IP Forwarding Enabled - Active Check

Checks if the remote host has IP forwarding enabled. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.2AI score0.06908EPSS
Exploits0
seebug.org
seebug.org
added 2021/07/21 12:0 a.m.266 views

Dell OpenManage Enterprise docker实例预认证RCE认证绕过漏洞(CVE-2021-21596)

Details - Remote Auth Bypass with 2 pre-auth RCEs in docker instances There is a chain of pre-auth vulnerabilities allowing to: get a shell on the redis container, as redis get a shell on the postgres container, as postgres get a full access to the postgres database bypass authentication on the w...

0.0075EPSS
Exploits1
OSV
OSV
added 2021/03/16 5:15 p.m.5 views

CVE-2020-28899

The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...

9.1CVSS5.8AI score0.01632EPSS
Exploits0References1
Rows per page
Query Builder