36 matches found
EUVD-2020-5775
Malware in sbrugna...
EUVD-2020-5774
Malware in sbrugna...
EUVD-2023-59418
Malicious code in bioql PyPI...
CVE-2020-13527
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on April 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-119-01 Rockwell Automation ThinManager ICSA-25-119-02 Delta Electronics ISPSoft...
CVE-2025-2567 Lantronix Xport Missing Authentication for Critical Function
An attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, leading to disabling of ATG monitoring. This would result in potential safety hazards in fuel storage and transportation...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit...
Lantronix XPort (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker unauthorized access to the configuration interface and cause disruption to monitoring and operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...
Lantronix Xport 访问控制错误漏洞
Lantronix Xport is a compact, integrated solution from Lantronix USA that supports virtually any device with serial port capability. An access control error vulnerability exists in Lantronix Xport versions 6.5.0.7 through 7.0.0.3, which originates from a setting that can be modified or disabled b...
CVE-2023-7237
Lantronix XPort sends weakly encoded credentials within web request headers...
CVE-2023-7237
Lantronix XPort sends weakly encoded credentials within web request headers...
CVE-2023-7237
CVE-2023-7237 affects Lantronix XPort (XPort Device Server Configuration Manager, v2.0.0.13) where credentials are weakly encoded in web request headers. The issue is documented in multiple sources (NVD, CISA ICS advisory) with CVSS v3.1 base score 5.7 (ATT&CK details not explicitly stated). The ...
CVE-2023-7237 Lantronix XPort Weak Encoding for Password
Lantronix XPort sends weakly encoded credentials within web request headers...
Lantronix XPort
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Low attack complexity Vendor : Lantronix Equipment : XPort Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain credentials. 3. TECHNICAL DETAILS 3.1...
Lantronix Xport Encryption Issue Vulnerability
Lantronix Xport Edge is a hardware device from Lantronix, Inc. that enables Ethernet connectivity and control of industrial equipment. A security vulnerability exists in Lantronix Xport version 2.0.0.13, which is caused by sending weakly encoded credentials in the web request header...
PT-2024-15243 · Lantronix · Lantronix Xport
Name of the Vulnerable Software and Affected Versions: Lantronix XPort affected versions not specified Description: The issue concerns the transmission of weakly encoded credentials within web request headers. Recommendations: At the moment, there is no information about a newer version that...
The vulnerability of the graph_xport.php component of the Cacti network monitoring software allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the graphxport.php component of the Cacti network monitoring software is related to an error in the handling of authentication keys controlled by users. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...
CVE-2020-13528
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerabilit...
CVE-2020-13527
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13527
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability...