Lucene search

K
SiemensScalance M875 Firmware

6 matches found

CVE
CVE
added 2018/06/26 6:29 p.m.39 views

CVE-2018-11448

A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires that the attacker has access to the web ...

4.8CVSS4.8AI score0.00218EPSS
CVE
CVE
added 2018/06/26 6:29 p.m.35 views

CVE-2018-4860

A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attack...

9CVSS7.1AI score0.01121EPSS
CVE
CVE
added 2018/06/26 6:29 p.m.33 views

CVE-2018-11447

A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by an legitimate user, ...

8.8CVSS8.7AI score0.00167EPSS
CVE
CVE
added 2018/06/26 6:29 p.m.33 views

CVE-2018-11449

A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtai...

7.8CVSS7.1AI score0.0012EPSS
CVE
CVE
added 2018/06/26 6:29 p.m.32 views

CVE-2018-4861

A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could potentially read and download arbitrary files from the device's file system. Successful exploitation requires that the attacker has network access ...

4.9CVSS5AI score0.00424EPSS
CVE
CVE
added 2018/06/26 6:29 p.m.28 views

CVE-2018-4859

A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attack...

9CVSS7.1AI score0.01121EPSS