Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-48192
Cross-site Scripting vulnerability in Softing smartLink SW-HT prior to 1.30, which allows an malicious user to execute a dynamic script (JavaScript, VBScript) in the context of the application.
Softing Smartlink Sw-ht
7.5
CVSSv3
CVE-2022-48193
Weak ciphers in Softing smartLink SW-HT prior to 1.30 are enabled during secure communication (SSL).
Softing Smartlink Sw-ht
NA
CVE-2014-6616
Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote malicious users to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.
Softing Fg-x00 Profibus Firmware 2.02.0.00
7.5
CVSSv3
CVE-2021-32994
Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an malicious user to crash the software by sending a variety of specially crafted packets to access sev...
Softing Opc Ua C\\+\\+ Software Development Kit
NA
CVE-2024-0860
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an malicious user to capture packets to craft their own requests.
9.8
CVSSv3
CVE-2014-6617
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Industrial.softing Fg-100 Pb Profibus Firmware Fg-x00-pb V2.02.0.00
NA
CVE-2023-29377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
NA
CVE-2023-39482
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is requir...
NA
CVE-2023-27334
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required ...
NA
CVE-2023-39479
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote malicious users to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerabil...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »