VYPR

Embedded Web Servers

by Ecos

CVEs (3)

  • CVE-2017-1000020CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does…

  • CVE-2009-2684Oct 13, 2009
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL…

  • CVE-2019-19772Mar 6, 2020
    risk 0.00cvss epss 0.01

    Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.