Siemens CP-8000, CP-8021, CP8-022, CP-8031, CP-8050, and SICORE products suffer from buffer overread, privilege escalation, and unsafe storage vulnerabilities.
210325d821a98d66d87a72d0c8a73147b1c6fa89ca3315050b61035edfb74955Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be accessed with physical access to the PCB. After connecting to the interface, access to a shell with various debug functions as well as a login prompt is possible. The hardware is no longer produced nor offered to the market.
440f519186700c01806ac2012a5bbe75033e8be274d7314185fa93b11e2ef29bSiemens A8000 CP-8050 and CP-8031 MASTER MODULE versions 04.92 and below suffer from remote code execution, command injection, hard-coded password, and console login vulnerabilities.
61cdf36c1ecb8a689b5d1609b70af4afbbfe93f06571b226262e46776c6f150bThis Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.
fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381fB&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.
73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495COVESA versions 2.18.8 and below suffer from heap buffer over-read and null pointer dereference vulnerabilities.
548515ca72e9a559204cae299150309e86e1f034ccca3a9cd876a5da99d81eb2Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.
e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues.
1688a18cca9d3b422b451318fd542b12535ebb6ef1eb8f23ae56ff707d1b4659Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.
7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dcMultiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.
0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.
3baa93a2d3f1b5ab0f4e0408fec68f1c11444bf8af50dc66f28f63e877786d44Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.
448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5CODESYS Runtime Toolkit 32-bit versions prior to 2.4.7.56 suffer from a denial of service vulnerability.
e2c08ed088508dee09719da1812fdba8c069873d79d63fec42f1375ec7b871d9High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.
e3dfeccfa868c00933c774cf40a1a7c35ae63edfea2f05f80a5a710d97902941NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.
55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6Sage DPW versions 2020_06_000 and 2020_06_001 suffer from cross site scripting and unauthenticated malicious file upload vulnerabilities.
f2de58f82000bc1abcc7ceb06fb7e03de637fb816729b8a026fe3a6815942177
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed