Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redlion crimson vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5719
The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent (%) character, invalid values will be included, po...
Redlion Crimson
Redlion Crimson 3.2
9.1
CVSSv3
CVE-2020-27285
The default configuration of Crimson 3.1 (Build versions before 3119.001) allows a user to be able to read and modify the database without authentication.
Redlion Crimson 3.1
7.8
CVSSv3
CVE-2019-10978
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area.
Redlion Crimson
7.8
CVSSv3
CVE-2019-10984
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that causes the program to mishandle pointers.
Redlion Crimson
7.8
CVSSv3
CVE-2019-10996
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed.
Redlion Crimson
7.5
CVSSv3
CVE-2020-27279
A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build versions before 3119.001).
Redlion Crimson 3.1
6.5
CVSSv3
CVE-2019-10990
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an malicious user to access configuration files.
Redlion Crimson
5.3
CVSSv3
CVE-2022-3090
Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arb...
Redlion Crimson 3.0
Redlion Crimson
Redlion Crimson 3.1
Redlion Crimson 3.2
5.3
CVSSv3
CVE-2020-27283
An attacker could send a specially crafted message to Crimson 3.1 (Build versions before 3119.001) that could leak arbitrary memory locations.
Redlion Crimson 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started