» 2016 » 5월

CVE-2016-4502 (esc_8832_data_controller)

Posted on 2016년 5월 31일2016년 6월 2일 by admin

CVE-2016-4502 (esc_8832_data_controller)

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter.

Source: CVE-2016-4502 (esc_8832_data_controller)

CVE-2016-4502

Posted on 2016년 5월 31일2016년 5월 31일 by admin

CVE-2016-4502

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter.

Source: CVE-2016-4502

CVE-2016-4501 (esc_8832_data_controller)

Posted on 2016년 5월 31일2016년 6월 2일 by admin

CVE-2016-4501 (esc_8832_data_controller)

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors.

Source: CVE-2016-4501 (esc_8832_data_controller)

CVE-2016-4501

Posted on 2016년 5월 31일2016년 5월 31일 by admin

CVE-2016-4501

Source: CVE-2016-4501

CVE-2016-2295 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Posted on 2016년 5월 31일2016년 6월 2일 by admin

CVE-2016-2295 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file.

Source: CVE-2016-2295 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

CVE-2016-2295

Posted on 2016년 5월 31일2016년 5월 31일 by admin

CVE-2016-2295

Source: CVE-2016-2295

CVE-2016-2286 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Posted on 2016년 5월 31일2016년 6월 2일 by admin

CVE-2016-2286 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors.

Source: CVE-2016-2286 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

CVE-2016-2286

Posted on 2016년 5월 31일2016년 5월 31일 by admin

CVE-2016-2286

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors.

Source: CVE-2016-2286

CVE-2016-0879 (edr_g903_firmware)

Posted on 2016년 5월 31일2016년 6월 2일 by admin

CVE-2016-0879 (edr_g903_firmware)

Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.

Source: CVE-2016-0879 (edr_g903_firmware)

CVE-2016-2285 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Posted on 2016년 5월 31일2016년 6월 1일 by admin

CVE-2016-2285 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

Source: CVE-2016-2285 (miineport_e1_4641_firmware, miineport_e1_7080_firmware, miineport_e2_1242_firmware, miineport_e2_4561_firmware, miineport_e3_firmware)