4 matches found
CVE-2026-50194
Steeltoe CVE-2026-50194 affects management endpoints when configured to listen on an alternate port. Versions 3.2.2–3.3.0 and 4.1.0 use the Host header to gate access instead of the socket port, enabling port-isolation bypass. Patches are in 3.4.0 and 4.2.0. If upgrading isn’t possible, apply exp...
Siemens RUGGEDCOM security vulnerability
RUGGEDCOM ROS-based devices, typically switches and serial-to-Ethernet devices, are used to connect equipment that operates in harsh environments, such as power substations and traffic control cabinets. A mirrored port isolation vulnerability exists in Siemens RUGGEDCOM ROS devices, which can be...
Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect
Summary Mechanize rubygem Cookies do not provide isolation by port. If a cookie is readable by a service running on one port, the cookie is also readable by a service running on another port of the same server. If a cookie is writable by a service on one port, the cookie is also writable by a...
Multiple SCALANCE X switches products mirror port isolation vulnerability
SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human machine interfaces (HMIs). A mirror port isolation vulnerability exists in several SCALANCE X switch products. The vulnerability is due to the monitoring barriers on the affected...