VYPR

Endpoint Protector

by Cososys

CVEs (4)

  • CVE-2019-13285HigMay 4, 2020
    risk 0.49cvss 7.5epss 0.01

    CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection.

  • CVE-2024-36075MedJun 27, 2024
    risk 0.42cvss 6.5epss 0.01

    The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify…

  • CVE-2012-2994Sep 18, 2012
    risk 0.04cvss epss 0.06

    The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack.

  • CVE-2014-3932Jun 2, 2014
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.