Siemens TeleControl Server Basic SQL

SUMMARY TeleControl Server Basic before V3.1.2.2 contains multiple SQL Injection vulnerabilities that could allow an attacker to read and write to the application's DB, cause denial of service and execute code in an OS shell with limited "NT AUTHORITY\NetworkService" permissions. Siemens has...

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management is affected by a reflected cross-site scripting XSS vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Siemens recommends countermeasures for products where fixes are not, or not yet...

PT-2022-22390 · Buffalo · Wzr-450Hp-Cwt +8

Name of the Vulnerable Software and Affected Versions: WZR-300HP firmware Ver. 2.00 and earlier WZR-450HP firmware Ver. 2.00 and earlier WZR-600DHP firmware Ver. 2.00 and earlier WZR-900DHP firmware Ver. 1.15 and earlier HW-450HP-ZWE firmware Ver. 2.00 and earlier WZR-450HP-CWT firmware Ver. 2.00...

Microsoft Exchange Server 2003 Outlook Web Access Random Mailbox Access Vulnerability

Description A vulnerability has been reported in Exchange Server 2003 with Outlook Web Access OWA configured. Exploitation of this vulnerability could allow an authenticated OWA user to connect to another user's OWA mailbox. Technologies Affected Microsoft Exchange Server 2003 Recommendations Blo...