CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

siemens

scalance_w700_ieee_802.11ax_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2022-36323

CRITICAL9.1

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

siemens / scalance_m-800_firmware+89

Network

Published Aug 10, 2022

CVE-2022-36324

HIGH7.5

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

siemens / scalance_m-800_firmware+83

Network

Published Aug 10, 2022

CVE-2022-36325

MEDIUM6.8

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.

siemens / scalance_m-800_firmware+89

Network

Published Aug 10, 2022

CVE-2020-26144

MEDIUM6.5

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

samsung / galaxy_i9305_firmware+17

Adjacent

Published May 11, 2021