MidnightBSD

Advisories for sensysnetworks

CVE-2014-2378 MEDIUM

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-494,CWE-94,

Products Affected

Vendor Product Version
sensysnetworks vds 1.8.7
sensysnetworks trafficdot 2.10.1
sensysnetworks vds *
sensysnetworks vds 1.8.5
sensysnetworks vsn240-t -
sensysnetworks vsn240-f -
sensysnetworks trafficdot 2.8.3
sensysnetworks trafficdot 2.10.0
sensysnetworks vds 2.6.4
sensysnetworks trafficdot *
sensysnetworks vds 2.6.3
CVE-2014-2379 MEDIUM

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not use encryption, which allows remote attackers to interfere with traffic control by replaying transmissions on a wireless network.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,CWE-310,

Products Affected

Vendor Product Version
sensysnetworks vds 1.8.7
sensysnetworks trafficdot 2.10.1
sensysnetworks vds *
sensysnetworks vds 1.8.5
sensysnetworks vsn240-t -
sensysnetworks vsn240-f -
sensysnetworks trafficdot 2.8.3
sensysnetworks trafficdot 2.10.0
sensysnetworks vds 2.6.4
sensysnetworks trafficdot *
sensysnetworks vds 2.6.3