MidnightBSD

Advisories for westermo

CVE-2015-7923 HIGH

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
westermo weos 4.18.0
CVE-2016-5816 MEDIUM

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798,

Products Affected

Vendor Product Version
westermo mrd-455-din_firmware -
westermo mrd-315-din_firmware -
westermo mrd-305-din_firmware -
westermo mrd-355-din_firmware -
CVE-2017-12703 MEDIUM

A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
westermo mrd-455-din_firmware -
westermo mrd-315-din_firmware -
westermo mrd-305-din_firmware -
westermo mrd-355-din_firmware -
CVE-2017-12709 LOW

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device.

CVSS 2.0

Severity: LOW

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
westermo mrd-455-din_firmware -
westermo mrd-315-din_firmware -
westermo mrd-305-din_firmware -
westermo mrd-355-din_firmware -
CVE-2018-19612 MEDIUM

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
westermo mr-260_firmware *
westermo dr-260_firmware *
westermo dr-250_firmware *
CVE-2018-19613 MEDIUM

Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
westermo mr-260_firmware *
westermo dr-260_firmware *
westermo dr-250_firmware *
CVE-2018-19614 MEDIUM

XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
westermo mr-260_firmware *
westermo dr-260_firmware *
westermo dr-250_firmware *
CVE-2020-12504 HIGH

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
info@cert.vde.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-912,NVD-CWE-Other,

Products Affected

Vendor Product Version
pepperl-fuchs es8510-xt_firmware *
pepperl-fuchs es7510-xt_firmware *
pepperl-fuchs es9528-xtv2_firmware *
pepperl-fuchs es9528_firmware *
korenix jetwave_2212x_firmware 1.5
pepperl-fuchs es9528-xt_firmware *
pepperl-fuchs icrl-m-16rj45/4cp-g-din_firmware *
westermo pmi-110-f2g_firmware 1.5
korenix jetwave_3420_firmware 1.1.3t
pepperl-fuchs es8508_firmware *
pepperl-fuchs es8510_firmware *
pepperl-fuchs es8508f_firmware *
pepperl-fuchs icrl-m-8rj45/4sfp-g-din_firmware *
korenix jetwave_2212g_firmware 1.4
korenix jetwave_3220_firmware 1.2
pepperl-fuchs es7506_firmware *
korenix jetwave_5310_firmware 1.5
korenix jetwave_2212s_firmware 1.5
korenix jetwave_5010_firmware 3.1a
pepperl-fuchs es8509-xt_firmware *
pepperl-fuchs es7510_firmware *
korenix jetwave_4706_firmware 2.3b
korenix jetwave_2311_firmware 1.2
korenix jetwave_4706f_firmware 2.3b
korenix jetwave_5810g_firmware 1.1
pepperl-fuchs es7528_firmware *
korenix jetwave_5428g-20sfp_firmware 1.0
pepperl-fuchs es8510-xte_firmware *
korenix jetwave_4510_firmware 3.0b
CVE-2020-7227 MEDIUM

Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, backup.asp, sys-power.asp, ifaces-wls.asp, ifaces-wls-pkt.asp, and ifaces-wls-pkt-adv.asp.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
westermo mrd-315_firmware 1.7.3
westermo mrd-315_firmware 1.7.4
CVE-2023-38579

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-40143

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-40544

An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.1 3.6
nvd@nist.gov 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.1 3.6

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-42765

An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
ics-cert@hq.dhs.gov 5.4 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-45213

A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6
ics-cert@hq.dhs.gov 6.6 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 2.1 4.0

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-45222

An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
ics-cert@hq.dhs.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-45227

An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
ics-cert@hq.dhs.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2023-45735

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9
nvd@nist.gov 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9

Products Affected

Vendor Product Version
westermo l206-f2g_firmware 4.24
CVE-2024-32943

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
westermo l210-f2g_firmware 4.21.0
CVE-2024-35246

An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
westermo l210-f2g_lynx_firmware 4.21.0
CVE-2024-37183

Plain text credentials and session ID can be captured with a network sniffer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 5.7 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.1 3.6

Products Affected

Vendor Product Version
westermo l210-f2g_firmware 4.21.0