Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t. weber vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-16204
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an malicious user to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
890
VMScore
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
890
VMScore
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
828
VMScore
CVE-2020-16208
The affected product is vulnerable to cross-site request forgery, which may allow an malicious user to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
801
VMScore
CVE-2021-39280
Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X prior to 1.9.1, 2212S prior to 1.9.1, 2212G prior to 1.8, 3220 V3 prior to 1.5.1, 3420 V3 prior to 1.5.1, and 2311 through 2022-01-31.
Korenix Jetwave 2212s Firmware
Korenix Jetwave 2212g Firmware
Korenix Jetwave 2311 Firmware
Korenix Jetwave 3220 Firmware
Korenix Jetwave 3420 Firmware
Korenix Jetwave 2212x Firmware
801
VMScore
CVE-2021-39279
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WD...
Moxa Wac-2004 Firmware 1.7
Moxa Wac-1001 Firmware 2.1
Moxa Wac-1001-t Firmware 2.1
Moxa Oncell G3470a-lte-eu Firmware 1.7
Moxa Oncell G3470a-lte-eu-t Firmware 1.7
Moxa Tap-323-eu-ct-t Firmware 1.3
Moxa Tap-323-us-ct-t Firmware 1.3
Moxa Tap-323-jp-ct-t Firmware 1.3
Moxa Wdr-3124a-eu Firmware 2.3
Moxa Wdr-3124a-eu-t Firmware 2.3
Moxa Wdr-3124a-us Firmware 2.3
Moxa Wdr-3124a-us-t Firmware 2.3
801
VMScore
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
801
VMScore
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
Pepperl-fuchs Io-link Master 4-eip Firmware
Pepperl-fuchs Io-link Master 8-eip Firmware
Pepperl-fuchs Io-link Master 8-eip-l Firmware
Pepperl-fuchs Io-link Master Dr-8-eip Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-p Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-t Firmware
Pepperl-fuchs Io-link Master 4-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio-l Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-p Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-t Firmware
801
VMScore
CVE-2020-9436
PHOENIX CONTACT TC ROUTER 3002T-4G up to and including 2.05.3, TC ROUTER 2002T-3G up to and including 2.05.3, TC ROUTER 3002T-4G VZW up to and including 2.05.3, TC ROUTER 3002T-4G ATT up to and including 2.05.3, TC CLOUD CLIENT 1002-4G up to and including 2.03.17, and TC CLOUD CL...
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 2002t-3g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-txtx Firmware
1 Github repository
755
VMScore
CVE-2012-4412
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overf...
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.14
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.12.1
Gnu Glibc 2.0.1
Gnu Glibc 2.14.1
Gnu Glibc 2.11.2
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.16
Gnu Glibc
Gnu Glibc 2.11.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »