2019-06-03
2019-06-03 19:29Z
HIGH

CVE-2017-14852 — Orpak Siteomat: The attack allows for an eavesdropper to capture the communication and decrypt the data.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data. CVSSv3.1 8.6 (HIGH) · EPSS 69th percentile

CWECWE 311CWECWE 310VNDOrpakTYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2019-06-03
2019-06-03 19:29Z
CRIT

CVE-2017-14851 — Orpak Siteomat: A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-14851

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass. CVSSv3.1 9.8 (CRITICAL) · EPSS 90th percentile

CWECWE 89VNDOrpakTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2019-06-03
2019-06-03 19:29Z
CRIT

CVE-2017-14728 — Orpak Siteomat: An authentication bypass was found in an unknown area of the SiteOmat source code.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-14728

An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat BOS versions are affected, prior to the submission of this exploit. Also, the SiteOmat does not force administrators to switch passwords, leaving SSH and HTTP remote authentication open to public. CVSSv3.1 9.8 (CRITICAL) · EPSS 93th percentile

CWECWE 798VNDOrpakTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2019-05-22
2019-05-22 20:29Z
HIGH

CVE-2019-6820 — Schneider-electric Modicon_m100_firmware: A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2019-6820

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2 CVSSv3.1 8.2 (HIGH) · EPSS 53th percentile

CWECWE 306VNDSchneider ElectricVNDCweTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2019-05-02
2019-05-02 20:29Z
CRIT

CVE-2018-16988 — Buffalo Open_xdmod: An authentication bypass (account takeover) exists due to a weak password reset mechanism.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-16988

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile

CWECWE 640VNDBuffaloTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2019-04-10
2019-04-10 20:29Z
CRIT

CVE-2019-11068 — Xmlsoft Libxslt: through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. CVSSv3.1 9.8 (CRITICAL) · EPSS 78th percentile

VNDCanonicalVNDXmlsoftTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2019-04-01
2019-04-01 17:47Z
HIGH

impacket 0.9.19

Impacket releases·github.com

Impacket 0.9.19 release adds significant offensive capabilities including resource-based constrained delegation support in GetST.py, NTLM relay improvements with local admin checks, SMB mount point abuse features, and enhanced credential extraction tools. The release represents incremental but meaningful improvements to a foundational red-team toolkit used extensively in domain compromise chains.

TACTA0004SRFNetworkTACTA0006SRFIdentityTACTA0008VNDImpacketTYPToolSTGPrivesc
72
Edit Score
728 × 90 / responsive · programmatic ad slot
2019-02-26
2019-02-26 23:29Z
CRIT

CVE-2019-9201 — Phoenixcontact Ilc_131_eth_firmware: Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2019-9201

Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories. CVSSv3.1 9.8 (CRITICAL) · EPSS 81th percentile

CWECWE 306VNDPhoenixcontactVNDPhoenixTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-12-07
2018-12-07 14:29Z
HIGH

CVE-2018-17924 — Rockwellautomation Micrologix_1400_firmware: Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-17924

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the CVSSv3.1 8.6 (HIGH) · EPSS 25th percentile

CWECWE 306VNDRockwellautomationVNDRockwellTYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2018-12-06
2018-12-06 16:29Z
HIGH

CVE-2018-19908 — Misp-project Misp: An issue was discovered in MISP 2.4.9x before 2.4.99.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-19908

An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filename of the STIX import. CVSSv3.1 8.8 (HIGH) · EPSS 97th percentile

CWECWE 78VNDMispVNDMisp ProjectTYPVulnerability
8.8
CVSS v3.1
99
Edit Score
2018-11-02
2018-11-02 17:29Z
HIGH

CVE-2018-7798 — Schneider-electric Somachine_basic: A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-7798

A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device. CVSSv3.1 8.2 (HIGH) · EPSS 36th percentile

CWECWE 345VNDSchneider ElectricVNDVerificationTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2018-09-12
2018-09-12 14:29Z
HIGH

CVE-2018-3885 — Frappe Erpnext: An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-3885

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required. CVSSv3.1 8.8 (HIGH) · EPSS 49th percentile

CWECWE 89VNDFrappeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2018-09-12
2018-09-12 14:29Z
HIGH

CVE-2018-3884 — Frappe Erpnext: An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-3884

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and start parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required. CVSSv3.1 8.8 (HIGH) · EPSS 49th percentile

CWECWE 89VNDFrappeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2018-09-12
2018-09-12 14:29Z
HIGH

CVE-2018-3883 — Frappe Erpnext: An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-3883

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and sort_order parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required. CVSSv3.1 8.8 (HIGH) · EPSS 49th percentile

CWECWE 89VNDFrappeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2018-09-12
2018-09-12 14:29Z
HIGH

CVE-2018-3882 — Frappe Erpnext: An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-3882

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required. CVSSv3.1 8.8 (HIGH) · EPSS 49th percentile

CWECWE 89VNDFrappeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2018-08-29
2018-08-29 21:29Z
CRIT

CVE-2018-7791 — Schneider-electric Modicon_m221_firmware: The vulnerability allows unauthorized users to overwrite the original password with their password.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-7791

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this vulnerability and overwrite the password, the attacker can upload the original program from the PLC. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile

CWECWE 287CWECWE 284VNDSchneider ElectricTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-08-29
2018-08-29 21:29Z
CRIT

CVE-2018-7790 — Schneider-electric Modicon_m221_firmware: The vulnerability allows unauthorized users to replay authentication sequences.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-7790

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. CVSSv3.1 9.8 (CRITICAL) · EPSS 78th percentile

CWECWE 294VNDSchneider ElectricVNDInformationTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-07-24
2018-07-24 17:29Z
CRIT

CVE-2018-8859 — Echelon Smartserver_1_firmware: An attacker can bypass the required authentication specified in the security configuration file by

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-8859

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile

CWECWE 288CWECWE 287VNDEchelonTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-07-24
2018-07-24 17:29Z
CRIT

CVE-2018-8855 — Echelon Smartserver_1_firmware: The devices allow unencrypted Web connections by default, and devices can receive configuration and

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-8855

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP. CVSSv3.1 9.8 (CRITICAL) · EPSS 35th percentile

CWECWE 319VNDEchelonTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-07-24
2018-07-24 17:29Z
CRIT

CVE-2018-8851 — Echelon Smartserver_1_firmware: The devices store passwords in plaintext, which may allow an attacker with access to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-8851

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface. CVSSv3.1 9.8 (CRITICAL) · EPSS 45th percentile

CWECWE 522CWECWE 256VNDEchelonTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-07-24
2018-07-24 17:29Z
CRIT

CVE-2018-10627 — Echelon Smartserver_1_firmware: SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-10627

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile

CWECWE 200VNDEchelonTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-06-22
2018-06-22 14:29Z
CRIT

CVE-2018-12649 — Misp-project Misp: An adversary can bypass the brute-force protection by using a PUT HTTP method instead

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-12649

An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can bypass the brute-force protection by using a PUT HTTP method instead of a POST HTTP method in the login part, because this protection was only covering POST requests. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile

CWECWE 307VNDMisp ProjectTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2018-05-22
2018-05-22 12:29Z
MED

CVE-2018-3639 — Intel Atom_c: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CVSSv3.1 5.5 (MEDIUM) · EPSS 98th percentile

CWECWE 203VNDIntelTYPVulnerability
5.5
CVSS v3.1
91
Edit Score
2018-05-14
2018-05-14 23:29Z
CRIT

CVE-2018-11091 — Mybiz Myprocurenet: An issue was discovered in MyBiz MyProcureNet 5.0.0.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-11091

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the "HiddenFieldControlCustomWhiteListedExtensions" parameter and add arbitrary extensions to the whitelist during the upload. For instance, if the extension .asp is added to the "HiddenFieldControlCustomWhiteLi CVSSv3.1 9.9 (CRITICAL) · EPSS 82th percentile

CWECWE 434VNDMybizTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2018-04-11
2018-04-11 13:29Z
CRIT

CVE-2018-1273 — Broadcom Spring_data_commons: An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2018-1273in the wild

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile

CWECWE 94VNDApacheVNDBroadcomVNDPivotal SoftwareTYPVulnerabilitySTAitw exploited
9.8
CVSS v3.1
100
Edit Score