Vulnerabilities > Raritan
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-18 | CVE-2018-20687 | XXE vulnerability in Raritan Commandcenter Secure Gateway An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 7.5 |
2014-11-26 | CVE-2014-9095 | SQL Injection vulnerability in Raritan Power IQ 4.1.0/4.2.1 Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records. | 7.5 |
2014-07-14 | CVE-2014-2955 | Improper Authentication vulnerability in Raritan Dpxr20A-16 and PX Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | 10.0 |