Author: T. Weber

Country:

Reported research: 23

Advisories

Risk	Topic & Details
Med.	Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor (CVE assigned) Remote \| 2022-06-20
High	Korenix JetPort 5601V3 Backdoor Account (CVE assigned) Remote \| 2022-06-06
High	dbus-broker-29 Memory Corruption (CVE assigned) Remote \| 2022-06-06
Med.	Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication (CVE assigned) Remote \| 2022-04-17
High	Korenix Technology JetWave CSRF / Command Injection / Missing Authentication (CVE assigned) Remote \| 2022-02-07
Med.	Moxa Command Injection / Cross Site Scripting / Vulnerable Software (CVE assigned) Remote \| 2021-09-01
Low	Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials (CVE assigned) Remote \| 2021-08-20
Med.	Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication (CVE assigned) Remote \| 2021-06-01
Med.	Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection (CVE assigned) Remote \| 2021-01-14
Med.	ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password Remote \| 2020-11-28
Med.	RocketLinx Series Authentication Bypass / CSRF / Command Injection (CVE assigned) Remote \| 2020-10-05
Med.	Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell (CVE assigned) Remote \| 2020-09-05
Med.	Phoenix Contact TC Router / TC Cloud Client Command Injection (CVE assigned) Remote \| 2020-03-14
Low	Zyxel USG/UAG/ATP/VPN/NXC External DNS Requests Remote \| 2019-09-01
High	Zyxel NWA/NAP/WAC Hardcoded Credentials Remote \| 2019-09-01
Low	WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials (CVE assigned) Remote \| 2019-06-14
Med.	Siglent Technologies SDS 1202X-E Digital Oscilloscope 5.1.3.13 Hardcoded Credentials Remote \| 2018-12-03
High	WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution (CVE assigned) Remote \| 2018-07-12
Med.	Vgate iCar2 WiFi OBD2 Dongle Inadequate Access Protections (CVE assigned) Remote \| 2018-05-31
High	Solar-Log CSRF / Information Disclosure / DoS / File Upload (CVE assigned) Remote \| 2017-03-22
High	Ubiquiti Networks Command Injection Remote \| 2017-03-18
High	JUNG Smart Visu Server Path Traversal, Backdoor accounts & KNX group address Remote \| 2017-02-07
Med.	Ubiquiti Networks Cross Site Scripting / Cross Site Request Forgery Remote \| 2017-01-31

Author: T. Weber

Reported research: 23

Advisories

Med.

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor (CVE assigned)

Remote | 2022-06-20

High

Korenix JetPort 5601V3 Backdoor Account (CVE assigned)

Remote | 2022-06-06

High

dbus-broker-29 Memory Corruption (CVE assigned)

Remote | 2022-06-06

Med.

Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication (CVE assigned)

Remote | 2022-04-17

High

Korenix Technology JetWave CSRF / Command Injection / Missing Authentication (CVE assigned)

Remote | 2022-02-07

Med.

Moxa Command Injection / Cross Site Scripting / Vulnerable Software (CVE assigned)

Remote | 2021-09-01

Low

Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials (CVE assigned)

Remote | 2021-08-20

Med.

Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication (CVE assigned)

Remote | 2021-06-01

Med.

Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection (CVE assigned)

Remote | 2021-01-14

Med.

Remote | 2020-11-28

Med.

RocketLinx Series Authentication Bypass / CSRF / Command Injection (CVE assigned)

Remote | 2020-10-05

Med.

Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell (CVE assigned)

Remote | 2020-09-05

Med.

Phoenix Contact TC Router / TC Cloud Client Command Injection (CVE assigned)

Remote | 2020-03-14

Low

Remote | 2019-09-01

High

Remote | 2019-09-01

Low

WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials (CVE assigned)

Remote | 2019-06-14

Med.

Remote | 2018-12-03

High

WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution (CVE assigned)

Remote | 2018-07-12

Med.

Vgate iCar2 WiFi OBD2 Dongle Inadequate Access Protections (CVE assigned)

Remote | 2018-05-31

High

Solar-Log CSRF / Information Disclosure / DoS / File Upload (CVE assigned)

Remote | 2017-03-22

High

Remote | 2017-03-18

High

Remote | 2017-02-07

Med.

Remote | 2017-01-31

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)