VYPR
Vendor

Castlerock

Products
2
CVEs
11
Across products
11
Status
Private

Products

2

Recent CVEs

11
  • CVE-2020-11553HigApr 9, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.

  • CVE-2015-6028HigApr 10, 2017
    risk 0.57cvss 8.8epss 0.01

    Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.

  • CVE-2019-13494HigJul 12, 2019
    risk 0.54cvss 7.8epss 0.04

    nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file.

  • CVE-2020-11557HigApr 9, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.

  • CVE-2020-11555HigApr 9, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.

  • CVE-2020-11554HigApr 9, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.

  • CVE-2015-6027MedApr 10, 2017
    risk 0.40cvss 6.1epss 0.01

    Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.

  • CVE-2020-11556MedApr 9, 2020
    risk 0.35cvss 5.4epss 0.01

    An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.

  • CVE-2008-2214May 14, 2008
    risk 0.04cvss epss 0.09

    Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.

  • CVE-2007-3098Jun 6, 2007
    risk 0.03cvss epss 0.04

    The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote attackers to cause a denial of service (crash) via a crafted packet to port 165/TCP.

  • CVE-2003-0745Oct 20, 2003
    risk 0.00cvss epss 0.02

    SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.