Snmpc
by Castlerock
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-6028 | Hig | 0.57 | 8.8 | 0.01 | Apr 10, 2017 | Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | ||
| CVE-2019-13494 | Hig | 0.54 | 7.8 | 0.04 | Jul 12, 2019 | nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file. | ||
| CVE-2015-6027 | Med | 0.40 | 6.1 | 0.01 | Apr 10, 2017 | Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. | ||
| CVE-2008-2214 | 0.04 | — | 0.09 | May 14, 2008 | Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet. | |||
| CVE-2007-3098 | 0.03 | — | 0.04 | Jun 6, 2007 | The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote attackers to cause a denial of service (crash) via a crafted packet to port 165/TCP. | |||
| CVE-2003-0745 | 0.00 | — | 0.02 | Oct 20, 2003 | SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server. |
- risk 0.57cvss 8.8epss 0.01
Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.
- risk 0.54cvss 7.8epss 0.04
nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file.
- risk 0.40cvss 6.1epss 0.01
Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.
- CVE-2008-2214May 14, 2008risk 0.04cvss —epss 0.09
Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.
- CVE-2007-3098Jun 6, 2007risk 0.03cvss —epss 0.04
The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote attackers to cause a denial of service (crash) via a crafted packet to port 165/TCP.
- CVE-2003-0745Oct 20, 2003risk 0.00cvss —epss 0.02
SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.