Skip to main content

Axeda Desktop Server

7 CVEs product

Monthly

CVE-2022-25252 HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) when receiving certain input throws an exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-25251 CRITICAL Act Now

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-25250 HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send a certain command to a specific port without. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-25249 HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Path Traversal Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2022-25248 MEDIUM This Month

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) supplies the event log of the specific service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-25247 CRITICAL Act Now

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands to a specific port without authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Microsoft Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
9.8
EPSS
3.9%
CVE-2022-25246 HIGH This Week

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent Axeda Desktop Server
NVD
CVSS 3.1
8.8
EPSS
1.7%
EPSS 2% CVSS 7.5
HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) when receiving certain input throws an exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Axeda Agent +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send a certain command to a specific port without. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Path Traversal Axeda Agent +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) supplies the event log of the specific service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Axeda Agent +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands to a specific port without authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Microsoft +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Axeda Agent +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy