Design/Logic Flaw

Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration...

CVE-2023-44319

CVE-2023-44319 affects Siemens SCALANCE and RUGGEDCOM devices (e.g., RM1224 LTE, M8xx/UM8xx/SCALANCE S615/WAB/WUM/WAM series). Root cause: use of a weak checksum algorithm to protect exported configuration backups, enabling an authenticated admin or a tricked admin to upload a modified backup and...

PT-2023-6991 · Siemens · Scalance M826-2 Shdsl-Router +14

Name of the Vulnerable Software and Affected Versions: SCALANCE M804PB versions prior to V8.0 SCALANCE M812-1 ADSL-Router versions prior to V8.0 SCALANCE M816-1 ADSL-Router versions prior to V8.0 SCALANCE M826-2 SHDSL-Router versions prior to V8.0 SCALANCE M874-2 versions prior to V8.0 SCALANCE...

Youku client update process suffers from arbitrary file download vulnerability

Youku PC client is a video player that supports both online and local use. An arbitrary file download vulnerability exists in the Youku PC client update process. The vulnerability is caused by the client update process using an insecure HTTP communication protocol to interact with the server, and...