Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6616
Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote malicious users to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.
Softing Fg-x00 Profibus Firmware 2.02.0.00
6.1
CVSSv3
CVE-2022-48192
Cross-site Scripting vulnerability in Softing smartLink SW-HT prior to 1.30, which allows an malicious user to execute a dynamic script (JavaScript, VBScript) in the context of the application.
Softing Smartlink Sw-ht
7.5
CVSSv3
CVE-2022-48193
Weak ciphers in Softing smartLink SW-HT prior to 1.30 are enabled during secure communication (SSL).
Softing Smartlink Sw-ht
7.5
CVSSv3
CVE-2021-32994
Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an malicious user to crash the software by sending a variety of specially crafted packets to access sev...
Softing Opc Ua C\\+\\+ Software Development Kit
NA
CVE-2024-0860
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an malicious user to capture packets to craft their own requests.
9.8
CVSSv3
CVE-2014-6617
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Industrial.softing Fg-100 Pb Profibus Firmware Fg-x00-pb V2.02.0.00
NA
CVE-2023-39482
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
NA
CVE-2023-27334
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh req...
NA
CVE-2023-29377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
NA
CVE-2023-39479
This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists with...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »