Lucene search
K

7 matches found

Talos
Talos
added 2022/02/01 12:0 a.m.46 views

Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger...

7.4CVSS5.8AI score0.00489EPSS
Exploits0
Talos
Talos
added 2022/02/01 12:0 a.m.94 views

Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities

Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...

10CVSS9.6AI score0.02639EPSS
Exploits2
Talos
Talos
added 2022/02/01 12:0 a.m.49 views

Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested...

7.1CVSS6.3AI score0.00733EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.54 views

Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities

Summary Two denial of service vulnerabilities exist in the Modbus/SeaMAX Remote Configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger these vulnerabilities...

9.3CVSS8.4AI score0.01021EPSS
Exploits2
Talos
Talos
added 2022/02/01 12:0 a.m.50 views

Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability

Summary A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality. Tested Versions Sealevel Systems, Inc. SeaConnect 370...

8.1CVSS7.9AI score0.00843EPSS
Exploits1
0day.today
0day.today
added 2017/04/06 12:0 a.m.95 views

Cesanta Mongoose OS - Use-After-Free Vulnerability

Exploit for hardware platform in category dos / poc Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen Stephan Sekula Date: 2017-04-03...

5CVSS7.6AI score0.12251EPSS
Exploits5
exploitpack
exploitpack
added 2017/04/06 12:0 a.m.36 views

Cesanta Mongoose OS - Use-After-Free

Cesanta Mongoose OS - Use-After-Free COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors:...

5CVSS0.12251EPSS
Exploits5
Rows per page
Query Builder