Monthly
Edimax GS-5008PL switches running firmware 1.00.54 and earlier contain an authentication bypass in the management interface that allows unauthenticated remote attackers to gain administrative access by exploiting a flawed global authentication flag mechanism. Once bypassed, attackers can modify administrator credentials, upload malicious firmware, and alter device configurations without any authentication required. No patch is currently available for this high-severity vulnerability.
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Edimax GS-5008PL switches running firmware 1.00.54 and earlier contain an authentication bypass in the management interface that allows unauthenticated remote attackers to gain administrative access by exploiting a flawed global authentication flag mechanism. Once bypassed, attackers can modify administrator credentials, upload malicious firmware, and alter device configurations without any authentication required. No patch is currently available for this high-severity vulnerability.
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.