VYPR
Vendor

Dnatools

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2017-6526CriMar 9, 2017
    risk 0.71cvss 9.8epss 0.57

    An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).

  • CVE-2017-6529HigMar 9, 2017
    risk 0.60cvss 8.8epss 0.03

    An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.

  • CVE-2017-6528HigMar 9, 2017
    risk 0.56cvss 8.1epss 0.03

    An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).

  • CVE-2017-6527HigMar 9, 2017
    risk 0.56cvss 7.5epss 0.57

    An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).