Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing opc vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
7.5
CVSSv3
CVE-2021-32994
Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an malicious user to crash the software by sending a variety of specially crafted packets to access sev...
Softing Opc Ua C\\+\\+ Software Development Kit
7.5
CVSSv3
CVE-2021-40872
An issue exists in Softing Industrial Automation uaToolkit Embedded prior to 1.40. Remote malicious users to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unex...
Softing Smartlink Hw-dp
Softing Uatoolkit Embedded
NA
CVE-2023-39479
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote malicious users to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerabil...
NA
CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote malicious users to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to e...
NA
CVE-2023-27336
Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not require...
NA
CVE-2023-27334
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required ...
NA
CVE-2023-29377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
NA
CVE-2023-39478
Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is requir...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3