Vulnerabilities > Siemens > Ozw672 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-36140 Cross-site Scripting vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware
A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2).
network
low complexity
siemens CWE-79
5.4
2020-02-11 CVE-2019-13941 Files or Directories Accessible to External Parties vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware
A vulnerability has been identified in OZW672 (All versions < V10.00), OZW772 (All versions < V10.00).
network
low complexity
siemens CWE-552
7.5
2017-08-08 CVE-2017-6873 Unspecified vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack on the integrated web server on port 443/tcp.
network
high complexity
siemens
7.4
2017-08-08 CVE-2017-6872 Exposure of Resource to Wrong Sphere vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device.
network
low complexity
siemens CWE-668
6.5
2016-01-30 CVE-2016-1488 Cross-site Scripting vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware
Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
network
low complexity
siemens CWE-79
6.1