16 matches found
EUVD-2012-2998
Malware in sbrugna...
EUVD-2016-2587
Malware in sbrugna...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Apogee, BacNet ATEC, Desigo CC, Intralog, OZW, Polarion, RUGGEDCOM, SICAM, SIMATIC, SIPROTEC, SIRIUS, Teamcenter and Versicharge The vulnerabilities potentially enable a malicious person to launch attacks that could result in the...
Siemens OZW Web Servers
SUMMARY OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges in versions before V8.0 or to authenticate as Administrator user in versions before V6.0. Siemens has released new versions for the...
Siemens OZW Web Server Code Execution and SQL Injection Vulnerabilities (CNVD-2025-10579 )
The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...
Siemens OZW Web Servers Code Execution and SQL Injection Vulnerability
The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...
Siemens OZW devices (web servers) cross-site scripting vulnerability
OZW devices web servers are used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning. A cross-site scripting vulnerability exists in Siemens OZW devices web servers, which can be exploited by an attacker to inject arbitrary JavaScript code...
Siemens OZW Web Server
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: OZW web server Vulnerability: Information disclosure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated users to access project files...
Siemens OZW Devices Authentication Bypass
Binary data 720121.prm...
Siemens Synco OZW Web Server < 4.0 Default Password
Binary data 720021.prm...
CVE-2016-1488
Cross-site scripting XSS vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2012-3020
The Siemens Synco OZW Web Server devices OZW672., OZW772., and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session...
Default credentials
The Siemens Synco OZW Web Server devices OZW672., OZW772., and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session...
CVE-2012-3020
The Siemens Synco OZW Web Server devices OZW672., OZW772., and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session...
CVE-2012-3020
The CVE-2012-3020 issue affects Siemens Synco OZW Web Server devices OZW672., OZW772. , and OZW775 with firmware prior to 4. The root cause is an unspecified default password that allows remote administrative access over a network session. Impact described in multiple sources: unauthorized admin ...
Siemens Synco OZW Default Password
Overview Siemens has reported to ICS-CERT that a default password vulnerability exists in the Siemens Synco OZW Web Server device used for building automation systems. Siemens urges their customers to set a secure password on their device’s web interface. This vulnerability could be exploited...