133 matches found
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12512
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12514
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
CVE-2020-12512
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
CVE-2020-12514
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
CVE-2020-12511
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...
Null pointer dereference
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...
Cross site request forgery (csrf)
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...
Cross site scripting
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
Command injection
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
CVE-2020-12512
CVE-2020-12512 affects Pepperl+Fuchs Comtrol IO-Link Master (System 1.36 / Application 1.5.x) up to 1.5.28/1.5.48 (and below). The issue is an authenticated reflected POST Cross‑Site Scripting vulnerability in the device/web interface. Vulnerable component: IO-Link Master firmware/applications; r...
CVE-2020-12514
CVE-2020-12514 affects Pepperl+Fuchs Comtrol IO-Link Master (versions 1.5.48 and earlier). The vulnerability is a NULL pointer dereference in the discoveryd component, causing a DoS. The provided connected documents confirm the affected product and version range and describe the root cause as a N...
CVE-2020-12512 Pepper+Fuchs Comtrol IO-Link Master Cross-Site Scripting
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting...
CVE-2020-12511
Pepperl+Fuchs Comtrol IO-Link Master (Series) is affected by a CSRF vulnerability in the web interface for versions 1.5.48 and earlier. The issue arises in the device’s web UI and is reported to allow unauthorized actions via cross-site requests. Proof/coverage from multiple sources confirms vuln...
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master Series is affected by CVE-2020-12513. Vulnerable versions include System 1.36 and Application 1.5.28 (and 1.5.48 and earlier per CVE listing) with an authenticated blind OS Command Injection. Fixed versions are System 1.52 and Application 1.6.11. The vulnerabi...
CVE-2020-12513 Pepper+Fuchs Comtrol IO-Link Master OS Command Injection
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection...
WAGO M&M Software fdtCONTAINER (Update C)
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: M&M Software GmbH, a subsidiary of WAGO Kontakttechnik Equipment: fdtCONTAINER Vulnerability: Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...
Pepperl Fuchs IO-link Master Series Cross-Site Scripting Vulnerability
The Pepperl Fuchs IO-link Master Series is a series of industrial devices for managing communications between sensors and controllers from Pepperl Fuchs, Germany. The devices can be used in a gateway function between Ethernet and IO-Link, facilitating reliable and efficient communication between...
Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Pepperl+Fuchs IO-Link Master Series See "Vulnerable / tested versions" vulnerable version: System 1.36 / Application 1.5.28 fixed versio...