MBS多款产品 参数注入漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have parameter...

MBS多款产品 缓冲区错误漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. MBS UBR-01 Mk II is a remote base station device. MBS UBR-02 is also a remote base station device. MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have a buffer overflow...

MBS多款产品 安全漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security...

MBS多款产品 安全漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security...

CVE-2026-20761

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...

CVE-2026-22885

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...

CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in a memory leak from the program's memory...

lon-resource.wimobile.casinarena.com Cross Site Scripting vulnerability OBB-1403357

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Huawei Mate 9 Pro Information Disclosure Vulnerability

Huawei Mate 9 Pro is a smartphone from Chinese company Huawei Huawei. An information disclosure vulnerability exists in Huawei Mate 9 Pro LON-L29C prior to version 8.0.0.361 C636, which stems from a lack of input checking. The vulnerability can be exploited by an attacker to read process...

CVE-2018-8859

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when...

CVE-2018-8859

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when...

CVE-2017-17225

The Near Field Communication NFC module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00B 8.0.0.340aC00 has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobi...

CVE-2017-17280

NFC Near Field Communication module in Huawei mobile phones with software LON-AL00BC00 has an information leak vulnerability. The attacker has to trick a user to do some specific operations and then craft the NFC message to exploit this vulnerability. Successful exploit will cause some informatio...

CVE-2017-17326

Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability. The smartphone is supposed to be activated by the former account after reset if find my phone function is on. The software does not have a sufficient protection of...

CVE-2017-17280

CVE-2017-17280 describes an information-disclosure vulnerability in the NFC module of Huawei mobile phones (noted for a model like LON-AL00BC00). The vulnerability requires the attacker to induce the user to perform specific actions and then craft an NFC message to trigger the leak. Multiple conn...

CVE-2017-17285

Bluetooth module in some Huawei mobile phones with software LON-AL00BC00B229 and earlier versions has a buffer overflow vulnerability. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth AVDTP/AVCTP messages after successful paring, causing buffer overflow...

CVE-2017-15345

Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot...

CVE-2017-15347

Huawei Mate 9 Pro mobile phones with software of versions earlier than LON-AL00BC00B235 have a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may exploit this...

CVE-2017-17285

CVE-2017-17285 maps to a Huawei Bluetooth module buffer overflow vulnerability. Affected devices include Huawei mobile phones with software versions such as LON-AL00BC00B229 and earlier. The root cause is insufficient input validation in the Bluetooth AVDTP/AVCTP handling after pairing, allowing ...

Huawei LON-AL00B Bluetooth Module Buffer Overflow Vulnerability

The Huawei LON-AL00B is a cell phone from the Chinese company Huawei Huawei. The Huawei LON-AL00B Bluetooth module suffers from a buffer overflow vulnerability due to the program failing to adequately validate input. An attacker could forge or tamper with Bluetooth AVDTP/AVCTP messages after...