Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing opc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2336
Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon f...
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
NA
CVE-2022-2337
A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22.
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
NA
CVE-2022-1069
A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
NA
CVE-2022-1373
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configura...
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
NA
CVE-2022-2338
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the r...
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
NA
CVE-2022-2547
A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
445
VMScore
CVE-2020-14522
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an malicious user to cause a denial-of-service condition.
Softing Opc
668
VMScore
CVE-2020-14524
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code.
Softing Opc
NA
CVE-2023-37572
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows malicious users to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted.
Softing Opc
605
VMScore
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »