138 matches found
PT-2023-14127 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several OS command injection vulnerabilities exist in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network...
PT-2023-14125 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue concerns OS command injection vulnerabilities in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can exploit th...
OESA-2022-1872 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not...
DEBIAN-CVE-2022-20369
In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
EMQ X User Enumeration Vulnerability
EMQ X is a fully open source, highly scalable and highly available distributed MQTT messaging agent for IoT, M2M and mobile applications. Suitable for IoT, M2M and mobile applications EMQ programs can handle tens of millions of concurrent clients. EMQ X Dashboard version V3.0.0 contains a user...
DEBIAN-CVE-2020-22038
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ffv4l2m2mcreatecontext function in v4l2m2m.c...
UBUNTU-CVE-2020-22038
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ffv4l2m2mcreatecontext function in v4l2m2m.c...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting and streaming audio and video. A security vulnerability exists in FFmpeg that originates from a memory leak in the ffv4l2m2mcreatecontext function of v4l2m2m.c. The vulnerability can be exploited to cause a denial of service. An attacker can...
CVE-2018-17926
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
CVE-2018-17926
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
Authentication flaw
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
CVE-2018-17926
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
CVE-2018-17926
Summary of CVE-2018-17926 (ABB M2M ETHERNET) Vulnerability: Improper authentication (CWE-287) in ABB M2M ETHERNET devices allows an attacker to upload a malicious language file by bypassing user authentication. Affected products/versions: M2M ETHERNET with FW 2.22 and prior and ETH-FW 1.01 and pr...
The Promise and Peril of 5G
The next generation of mobile cellular technology known as fifth-generation wireless 5G is hitting a peak in the hype cycle, emerging as a major theme/5G.aspx at the Consumer Electronics Show CES this week. Wireless carriers are investing billions of dollars into the technology, which requires a...
ABB M2M ETHERNET Detection
Detection of ABB M2M ETHERNET. The script sends a connection request to the server and attempts to detect ABB M2M ETHERNET and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...
ABB M2M ETHERNET Improper Authentication Vulnerability
ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...
ABB M2M ETHERNET
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...
Parlez-vous Machine?
Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things IoT and operational technology OT, there’s increased...
CVE-2018-14784
NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device...
Cross site request forgery (csrf)
NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...