Skip to main content

Uagates

11 CVEs product

Monthly

CVE-2022-37453 HIGH This Week

An issue was discovered in Softing OPC UA C++ SDK before 6.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-2547 HIGH This Week

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-2338 MEDIUM This Month

Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-2337 HIGH This Week

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-2336 CRITICAL Act Now

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-2335 HIGH This Week

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-2334 HIGH POC Act Now

The application searches for a library dll that is not found. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD GitHub
CVSS 3.1
7.2
EPSS
9.5%
CVE-2022-1748 HIGH This Week

Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-1373 HIGH POC THREAT Act Now

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Edgeaggregator Edgeconnector Opc Opc Ua C Software Development Kit +2
NVD GitHub
CVSS 3.1
7.2
EPSS
10.2%
CVE-2022-1069 HIGH This Week

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Edgeaggregator Edgeconnector Opc +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-40873 HIGH This Week

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Datafeed Opc Suite Edgeconnector Opc Secure Integration Server +3
NVD
CVSS 3.1
7.5
EPSS
1.3%
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Softing OPC UA C++ SDK before 6.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Edgeaggregator +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator +5
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Edgeaggregator Edgeconnector +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator +5
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Edgeaggregator Edgeconnector +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Edgeaggregator +5
NVD
EPSS 10% CVSS 7.2
HIGH POC Act Now

The application searches for a library dll that is not found. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Edgeaggregator Edgeconnector +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Edgeaggregator +5
NVD
EPSS 10% CVSS 7.2
HIGH POC THREAT Act Now

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Edgeaggregator Edgeconnector +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Edgeaggregator +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Datafeed Opc Suite Edgeconnector +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy