VYPR

Scalance W700 Ieee 802.11n Firmware

by Siemens Foundation

CVEs (12)

  • CVE-2022-36323CriAug 10, 2022
    risk 0.59cvss 9.1epss 0.01

    Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

  • CVE-2022-36324HigAug 10, 2022
    risk 0.49cvss 7.5epss 0.01

    Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

  • CVE-2022-36325MedAug 10, 2022
    risk 0.44cvss 6.8epss 0.01

    Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

  • CVE-2020-26144MedMay 11, 2021
    risk 0.42cvss 6.5epss 0.05

    An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject…

  • CVE-2020-26143MedMay 11, 2021
    risk 0.42cvss 6.5epss 0.04

    An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network…

  • CVE-2017-2681MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

  • CVE-2017-2680MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

  • CVE-2020-26147MedMay 11, 2021
    risk 0.35cvss 5.4epss 0.08

    An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends…

  • CVE-2020-26146MedMay 11, 2021
    risk 0.34cvss 5.3epss 0.06

    An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device…

  • CVE-2019-13946Feb 11, 2020
    risk 0.00cvss epss 0.01

    Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that…

  • CVE-2013-4652Aug 1, 2013
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.

  • CVE-2013-4651Aug 1, 2013
    risk 0.00cvss epss 0.01

    Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust…