|
209431
|
8.8 |
HIGH
Network
|
logrhythm
|
platform_manager
|
LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. The Web interface is vulnerable to Cross-site WebSocket Hijacking (CSWH). If a logged-in PM user visits a malicious site in the same browser session…
|
CWE-352
Origin Validation Error
|
CVE-2020-25095
|
2024-11-21 14:17 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209432
|
9.8 |
CRITICAL
Network
|
logrhythm
|
platform_manager
|
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server wit…
|
CWE-78
OS Command
|
CVE-2020-25094
|
2024-11-21 14:17 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209433
|
7.5 |
HIGH
Network
|
hosteng
|
h0-ecom100_firmware
h2-ecom100_firmware
h4-ecom100_firmware
|
The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which ma…
|
CWE-20
Improper Input Validation
|
CVE-2020-25195
|
2024-11-21 14:17 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209434
|
7.5 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a reco…
|
-
|
CVE-2020-25235
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209435
|
7.7 |
HIGH
Local
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected c…
|
-
|
CVE-2020-25234
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209436
|
5.5 |
MEDIUM
Local
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encry…
|
-
|
CVE-2020-25233
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209437
|
7.5 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic funct…
|
-
|
CVE-2020-25232
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209438
|
5.5 |
MEDIUM
Local
|
siemens
|
logo\!_8_bm_firmware
logo\!_soft_comfort
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses…
|
-
|
CVE-2020-25231
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209439
|
7.5 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryptio…
|
-
|
CVE-2020-25230
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209440
|
7.5 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to t…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-25229
|
2024-11-21 14:17 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
