Show filters
45 Total Results
Displaying 41-45 of 45
Sort by:
Attacker Value
Unknown

CVE-2019-15051

Disclosure Date: October 10, 2019 (last updated November 27, 2024)
An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-11527

Disclosure Date: October 10, 2019 (last updated November 27, 2024)
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-11526

Disclosure Date: October 10, 2019 (last updated November 27, 2024)
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-6617

Disclosure Date: March 09, 2018 (last updated November 26, 2024)
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
0
0
Attacker Value
Unknown

CVE-2014-6616

Disclosure Date: August 31, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.
0
0
View More Topics  < Previous