Skip to main content

Opc Ua Module For M580 Firmware

7 CVEs product

Monthly

CVE-2022-34765 MEDIUM PATCH This Month

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-34764 HIGH PATCH This Week

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34763 HIGH PATCH This Week

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-34762 HIGH PATCH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-34761 HIGH PATCH This Week

A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-34760 HIGH PATCH This Week

A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-34759 HIGH PATCH This Week

A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Memory Corruption Buffer Overflow Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Opc Ua Module For M580 Firmware +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Opc Ua Module For M580 Firmware +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Firmware
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Memory Corruption Buffer Overflow +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy