Skip to main content

Scalance Sc626 2C Firmware

6 CVEs product

Monthly

CVE-2022-46143 MEDIUM This Month

Affected devices do not check the TFTP blocksize correctly. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware Scalance M812 1 Adsl Router Firmware +97
NVD
CVSS 4.0
5.1
EPSS
0.7%
CVE-2022-46142 MEDIUM This Month

Affected devices store the CLI user passwords encrypted in flash memory. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware Scalance M812 1 Adsl Router Firmware +97
NVD
CVSS 4.0
5.2
EPSS
0.3%
CVE-2022-46140 HIGH This Week

Affected devices use a weak encryption scheme to encrypt the debug zip file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware Scalance M812 1 Adsl Router Firmware +97
NVD
CVSS 4.0
7.1
EPSS
0.2%
CVE-2022-32206 MEDIUM POC PATCH THREAT This Month

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Curl Fedora Debian Linux Clustered Data Ontap +15
NVD
CVSS 3.1
6.5
EPSS
32.0%
CVE-2022-32205 MEDIUM POC PATCH THREAT This Month

A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Curl Fedora Debian Linux Clustered Data Ontap +15
NVD
CVSS 3.1
4.3
EPSS
26.9%
CVE-2022-30065 HIGH POC This Week

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption RCE Busybox +6
NVD VulDB
CVSS 3.1
7.8
EPSS
1.2%
EPSS 1% CVSS 5.1
MEDIUM This Month

Affected devices do not check the TFTP blocksize correctly. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware +99
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Affected devices store the CLI user passwords encrypted in flash memory. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware +99
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Affected devices use a weak encryption scheme to encrypt the debug zip file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware +99
NVD
EPSS 32% CVSS 6.5
MEDIUM POC PATCH THREAT This Month

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Curl Fedora +17
NVD
EPSS 27% CVSS 4.3
MEDIUM POC PATCH THREAT This Month

A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Curl Fedora +17
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +8
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy