Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
medfusion 4000 wireless syringe infusion pump vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-12718
A Classic Buffer Overflow issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execu...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
1 EDB exploit
8.1
CVSSv3
CVE-2017-12720
An Improper Access Control issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump does not require authentication if the pump is configured to allow FTP connections.
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
5.9
CVSSv3
CVE-2017-12721
An Improper Certificate Validation issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump does not validate host certificates, leaving the pump vulnerable to a man-in-the-middle (MITM) attack.
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
3.7
CVSSv3
CVE-2017-12723
A Password in Configuration File issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump stores some passwords in the configuration file, which are accessible if the pump is configured to allow external communications.
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
8.1
CVSSv3
CVE-2017-12724
A Use of Hard-coded Credentials issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is co...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
7.3
CVSSv3
CVE-2017-12726
A Use of Hard-coded Password issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. Telnet on the pump uses hardcoded credentials, which can be used if the pump is configured to allow external communications. Smiths Medical assess...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
5.6
CVSSv3
CVE-2017-12725
A Use of Hard-coded Credentials issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-coded credentials to automatically establish a wireless network connection. The pump will...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
5.3
CVSSv3
CVE-2017-12722
An Out-of-bounds Read issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash o...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started