Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| raritan | dominion_sxa-48_firmware | - |
| raritan | dominion_sx16_firmware | - |
| raritan | dominion_sx8_firmware | - |
| raritan | dominion_sx32_firmware | 2.4.6 |
| raritan | dominion_sx4_firmware | - |
Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| raritan | px | * |
| raritan | px | 1.0.4 |
| raritan | px | 1.3.1 |
| raritan | px | 1.2.7 |
| raritan | px | 1.4.1 |
| raritan | px | 1.5.7 |
| raritan | px | 1.3 |
| raritan | dpxr20a-16 | - |
| raritan | px | 1.0 |
| raritan | px | 1.5.4 |
| raritan | px | 1.1.6 |
| raritan | px | 1.2.5 |
| raritan | px | 1.3.5 |
| raritan | px | 1.1 |
| raritan | px | 1.2 |
| raritan | px | 1.5 |
Raritan Japan Dominion KX2-101 switches before 2 allow remote attackers to cause a denial of service (device hang) via a crafted packet.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| raritan | dominion_kx_ii-101_firmware | - |
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| raritan | power_iq | 4.2.1 |
| raritan | power_iq | 4.1.0 |
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| raritan | commandcenter_secure_gateway | * |