Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t. weber vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-16204
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an malicious user to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
10
CVSSv2
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
10
CVSSv2
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
9.3
CVSSv2
CVE-2020-16208
The affected product is vulnerable to cross-site request forgery, which may allow an malicious user to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
9
CVSSv2
CVE-2021-39280
Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X prior to 1.9.1, 2212S prior to 1.9.1, 2212G prior to 1.8, 3220 V3 prior to 1.5.1, 3420 V3 prior to 1.5.1, and 2311 through 2022-01-31.
Korenix Jetwave 2212s Firmware
Korenix Jetwave 2212g Firmware
Korenix Jetwave 2311 Firmware
Korenix Jetwave 3220 Firmware
Korenix Jetwave 3420 Firmware
Korenix Jetwave 2212x Firmware
9
CVSSv2
CVE-2021-39279
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WD...
Moxa Wac-2004 Firmware 1.7
Moxa Wac-1001 Firmware 2.1
Moxa Wac-1001-t Firmware 2.1
Moxa Oncell G3470a-lte-eu Firmware 1.7
Moxa Oncell G3470a-lte-eu-t Firmware 1.7
Moxa Tap-323-eu-ct-t Firmware 1.3
Moxa Tap-323-us-ct-t Firmware 1.3
Moxa Tap-323-jp-ct-t Firmware 1.3
Moxa Wdr-3124a-eu Firmware 2.3
Moxa Wdr-3124a-eu-t Firmware 2.3
Moxa Wdr-3124a-us Firmware 2.3
Moxa Wdr-3124a-us-t Firmware 2.3
9
CVSSv2
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
9
CVSSv2
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
Pepperl-fuchs Io-link Master 4-eip Firmware
Pepperl-fuchs Io-link Master 8-eip Firmware
Pepperl-fuchs Io-link Master 8-eip-l Firmware
Pepperl-fuchs Io-link Master Dr-8-eip Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-p Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-t Firmware
Pepperl-fuchs Io-link Master 4-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio-l Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-p Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-t Firmware
9
CVSSv2
CVE-2020-9436
PHOENIX CONTACT TC ROUTER 3002T-4G up to and including 2.05.3, TC ROUTER 2002T-3G up to and including 2.05.3, TC ROUTER 3002T-4G VZW up to and including 2.05.3, TC ROUTER 3002T-4G ATT up to and including 2.05.3, TC CLOUD CLIENT 1002-4G up to and including 2.03.17, and TC CLOUD CL...
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 2002t-3g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-txtx Firmware
1 Github repository
7.8
CVSSv2
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »