Controller Cecc-x-m1-ys-l2 Firmware Security Vulnerabilities and Issues — Controller Cecc-x-m1-ys-l2 Firmware CVE List

Lucene search

FestoController Cecc-x-m1-ys-l2 Firmware

5 matches found

CVE•added 2022/06/13 2:15 p.m.•73 views

CVE-2022-30309

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

10CVSS9.8AI score0.00649EPSS

CVE•added 2022/06/13 2:15 p.m.•71 views

CVE-2022-30308

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

10CVSS9.8AI score0.00514EPSS

CVE•added 2022/06/13 2:15 p.m.•65 views

CVE-2022-30310

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

10CVSS9.8AI score0.01091EPSS

CVE•added 2022/06/13 2:15 p.m.•58 views

CVE-2022-30311

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

10CVSS9.8AI score0.00653EPSS

CVE•added 2022/12/01 11:15 a.m.•58 views

CVE-2022-3270

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.

9.8CVSS9.6AI score0.00295EPSS