Scalance W700 Ieee 802.11n Firmware@* Security Vulnerabilities and Issues — Scalance W700 Ieee 802.11n Firmware@* CVE List

Lucene search

SiemensScalance W700 Ieee 802.11n Firmware*

8 matches found

CVE•added 2021/05/11 8:15 p.m.•337 views

CVE-2020-26147

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames a...

5.4CVSS6.3AI score0.00478EPSS

CVE•added 2021/05/11 8:15 p.m.•305 views

CVE-2020-26144

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets...

6.5CVSS7.8AI score0.01269EPSS

CVE•added 2021/05/11 8:15 p.m.•279 views

CVE-2020-26143

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

6.5CVSS6.7AI score0.01438EPSS

CVE•added 2021/05/11 8:15 p.m.•278 views

CVE-2020-26146

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented fr...

5.3CVSS6AI score0.01048EPSS

CVE•added 2020/02/11 4:15 p.m.•115 views

CVE-2019-13946

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limitinternal resource allocation when multiple legitimate diagnostic packagerequests are sent to the DCE-RPC interface.This could lead to a denial of service condition due to lack of memoryfor devices that include a vulnerable version ...

7.8CVSS7.4AI score0.00552EPSS

CVE•added 2022/08/10 12:15 p.m.•102 views

CVE-2022-36323

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

9.1CVSS9AI score0.00373EPSS

CVE•added 2022/08/10 12:15 p.m.•93 views

CVE-2022-36325

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

6.8CVSS5.2AI score0.00137EPSS

CVE•added 2022/08/10 12:15 p.m.•83 views

CVE-2022-36324

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

7.5CVSS7.6AI score0.00067EPSS