edgeAggregator
by Softx
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38126 | 0.01 | — | 0.69 | Dec 19, 2023 | Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this… | |||
| CVE-2023-38125 | 0.00 | — | 0.01 | May 3, 2024 | Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this… | |||
| CVE-2023-27335 | 0.00 | — | 0.01 | May 3, 2024 | Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2024-0860 | 0.00 | — | 0.01 | Mar 14, 2024 | The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests. | |||
| CVE-2022-1748 | 0.00 | — | 0.01 | Aug 17, 2022 | Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. | |||
| CVE-2022-2336 | 0.00 | — | 0.01 | Aug 17, 2022 | Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon… |
- CVE-2023-38126Dec 19, 2023risk 0.01cvss —epss 0.69
Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this…
- CVE-2023-38125May 3, 2024risk 0.00cvss —epss 0.01
Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this…
- CVE-2023-27335May 3, 2024risk 0.00cvss —epss 0.01
Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that…
- CVE-2024-0860Mar 14, 2024risk 0.00cvss —epss 0.01
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.
- CVE-2022-1748Aug 17, 2022risk 0.00cvss —epss 0.01
Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.
- CVE-2022-2336Aug 17, 2022risk 0.00cvss —epss 0.01
Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon…