Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lion vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-3090
Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arb...
Redlion Crimson 3.0
Redlion Crimson
Redlion Crimson 3.1
Redlion Crimson 3.2
9.8
CVSSv3
CVE-2022-1039
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted inte...
Redlion Da50n Firmware
7.8
CVSSv3
CVE-2022-26516
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
Redlion Da50n Firmware -
6.5
CVSSv3
CVE-2022-27179
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
Redlion Da50n Firmware -
7.8
CVSSv3
CVE-2019-10984
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that causes the program to mishandle pointers.
Redlion Crimson
7.8
CVSSv3
CVE-2019-10978
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area.
Redlion Crimson
7.8
CVSSv3
CVE-2019-10996
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed.
Redlion Crimson
9.8
CVSSv3
CVE-2023-42770
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge.
Redlioncontrols St-ipm-6350 Firmware 4.9.114
Redlioncontrols St-ipm-8460 Firmware 6.0.202
Redlioncontrols Vt-mipm-135-d Firmware 4.9.114
Redlioncontrols Vt-mipm-245-d Firmware 4.9.114
Redlioncontrols Vt-ipm2m-213-d Firmware 4.9.114
Redlioncontrols Vt-ipm2m-113-d Firmware 4.9.114
4.3
CVSSv3
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged malicious user to gain read access to limited, non-critical device information ...
Helmholz Myrex24
Helmholz Myrex24.virtual
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
9.8
CVSSv3
CVE-2023-40151
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message...
Redlioncontrols St-ipm-6350 Firmware 4.9.114
Redlioncontrols St-ipm-8460 Firmware 6.0.202
Redlioncontrols Vt-mipm-135-d Firmware 4.9.114
Redlioncontrols Vt-mipm-245-d Firmware 4.9.114
Redlioncontrols Vt-ipm2m-213-d Firmware 4.9.114
Redlioncontrols Vt-ipm2m-113-d Firmware 4.9.114
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »