Vulnerabilities > Martem > Telem GWM Firmware > 2018.04.18.linux.4.01.601cb47

DATE CVE VULNERABILITY TITLE RISK
2018-07-31 CVE-2018-10609 Cross-site Scripting vulnerability in Martem Telem-Gw6 Firmware and Telem-Gwm Firmware
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges.
network
low complexity
martem CWE-79
6.1
6.1
2018-07-31 CVE-2018-10607 Resource Exhaustion vulnerability in Martem Telem-Gw6 Firmware and Telem-Gwm Firmware
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel.
network
low complexity
martem CWE-400
7.5
7.5
2018-07-31 CVE-2018-10603 Improper Authentication vulnerability in Martem Telem-Gw6 Firmware and Telem-Gwm Firmware
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process.
network
low complexity
martem CWE-287
critical
 9.8
9.8