RSS   Vulnerabilities for 'Telem gw6 firmware'   RSS

2018-07-31
 
CVE-2018-10609

CWE-79
 

 
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges.

 
 
CVE-2018-10607

CWE-400
 

 
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel.

 
 
CVE-2018-10603

CWE-287
 

 
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process.

 

 >>> Vendor: Martem 2 Products
Telem gw6 firmware
Telem gwm firmware


Copyright 2024, cxsecurity.com

 

Back to Top