Scalance W1750d Firmware Security Vulnerabilities and Issues — Scalance W1750d Firmware CVE List

Lucene search

SiemensScalance W1750d Firmware

7 matches found

cve•added 2021/11/11 7:15 p.m.•299 views

CVE-2002-20001

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resour...

7.5CVSS7.3AI score0.1468EPSS

cve•added 2022/10/07 7:15 p.m.•70 views

CVE-2022-37893

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: ...

7.8CVSS7.7AI score0.00214EPSS

cve•added 2021/09/07 1:15 p.m.•69 views

CVE-2019-5318

A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS that address this security vulnerability.

7.1CVSS6.2AI score0.00155EPSS

cve•added 2017/12/13 1:29 a.m.•60 views

CVE-2017-13099

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."

7.5CVSS6.2AI score0.68227EPSS

cve•added 2021/03/29 8:15 p.m.•51 views

CVE-2021-25143

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that a...

7.5CVSS7.5AI score0.00666EPSS

cve•added 2019/05/10 5:29 p.m.•49 views

CVE-2018-7083

If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. C...

7.5CVSS7.3AI score0.00634EPSS

cve•added 2021/09/07 1:15 p.m.•45 views

CVE-2021-37731

A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address ...

7.2CVSS6.2AI score0.00177EPSS