Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sec-consult.com vulnerabilities and exploits

(subscribe to this query)
5.3
CVSSv3
CVE-2017-12737
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to obtain sensitive device inf...
Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00Siemens Sm-2556 Firmware Dnpi00Siemens Sm-2556 Firmware Erac00
9.8
CVSSv3
CVE-2017-12739
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to execute arbitrary code on t...
Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Erac00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00Siemens Sm-2556 Firmware Dnpi00
6.1
CVSSv3
CVE-2017-12738
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked ...
Siemens Sm-2556 Firmware Erac00Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00Siemens Sm-2556 Firmware Dnpi00
5.5
CVSSv3
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04
7.5
CVSSv3
CVE-2016-2147
Integer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2016-2148
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2020-12501
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
Pepperl-fuchs Es7510-xt FirmwarePepperl-fuchs Es8509-xt FirmwarePepperl-fuchs Es8510-xt FirmwarePepperl-fuchs Es9528-xtv2 FirmwarePepperl-fuchs Es7506 FirmwarePepperl-fuchs Es7510 FirmwarePepperl-fuchs Es7528 FirmwarePepperl-fuchs Es8508 FirmwarePepperl-fuchs Es8508f FirmwarePepperl-fuchs Es8510 FirmwarePepperl-fuchs Es8510-xte FirmwarePepperl-fuchs Es9528 FirmwarePepperl-fuchs Es9528-xt FirmwareKorenix Jetnet5428g-20sfp Firmware -Korenix Jetnet5810g Firmware -Korenix Jetnet4510 Firmware -Korenix Jetnet5010 Firmware -Korenix Jetnet5310 Firmware -Korenix Jetnet6095 Firmware -Korenix Jetnet4706 Firmware -Korenix Jetwave 3220 Firmware -Korenix Jetwave 2311 Firmware -
NA
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0T-mobile Tm-ac1900 3.0.0.4.376 3169Busybox Busybox 0.38Busybox Busybox 0.46Busybox Busybox 0.47Busybox Busybox 0.60.1Busybox Busybox 0.60.2Busybox Busybox 0.60.3Busybox Busybox 1.1.2Busybox Busybox 1.1.3Busybox Busybox 1.11.1Busybox Busybox 1.11.2Busybox Busybox 1.13.1Busybox Busybox 1.13.2Busybox Busybox 1.14.4Busybox Busybox 1.15.0Busybox Busybox 1.17.0Busybox Busybox 1.17.1Busybox Busybox 1.18.4Busybox Busybox 1.18.5Busybox Busybox 1.2.2Busybox Busybox 1.2.2.1
8.8
CVSSv3
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Vmware Esxi 6.0Vmware Esxi 6.5Vmware Esxi 6.7Redlion N-tron 702-w FirmwareRedlion N-tron 702m12-w FirmwareCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04
NA
CVE-2011-2716
The DHCP client (udhcpc) in BusyBox prior to 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
T-mobile Tm-ac1900 3.0.0.4.376 3169Busybox Busybox 1.18.5Busybox Busybox 1.18.4Busybox Busybox 1.17.2Busybox Busybox 1.18.3Busybox Busybox 1.18.2Busybox Busybox 1.17.0Busybox Busybox 1.16.2Busybox Busybox 1.16.1Busybox Busybox 1.14.3Busybox Busybox 1.14.2Busybox Busybox 1.13.0Busybox Busybox 1.12.4Busybox Busybox 1.11.0Busybox Busybox 1.10.4Busybox Busybox 1.9.0Busybox Busybox 1.8.2Busybox Busybox 1.6.1Busybox Busybox 1.6.0Busybox Busybox 1.3.0Busybox Busybox 1.2.2.1Busybox Busybox 1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook