Scalance Xr 300 Firmware
Monthly
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Affected devices do not properly sanitize an input field. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Affected devices do not properly sanitize an input field. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.