7 matches found
Dell iDRAC9 输入验证错误漏洞
The Dell iDRAC9 is a Dell offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A controller. A security vulnerability exists in Dell iDRAC9 version 6.00.02.00 and prior versions that originates from incorrect input validati...
CVE-2022-36385 Contec Health CMS8000
A threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent changes to device functionality. No authentication or controls are in place to prevent a threat actor from maliciously modifying firmware and performing a...
Netgear NETGEAR JGS516PE 安全漏洞
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A firmware update vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. The vulnerability stems from the TFTP server being active by default. An attacker could exploit this vulnerability to update the...
CVE-2018-1170
This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
PHOENIX CONTACT mGuard Unauthorized Modification Vulnerability
Phoenix Contact mGuard is a security device from Phoenix Contact that protects systems from unauthorized access and installation. An unauthorized modification vulnerability exists in the PHOENIX CONTACT mGuard. The mGuard device relies on an internal verification of the integrity of the update...
CVE-2017-9860
An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, the invert...
CVE-2017-9860
An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, the invert...