Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-19 | CVE-2008-6993 | Cryptographic Issues vulnerability in Siemens Gigaset Wlan Camera 1.27 Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. | 10.0 |
| 2009-08-07 | CVE-2008-6916 | Improper Authentication vulnerability in multiple products Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. | 10.0 |
| 2009-03-26 | CVE-2009-1152 | Denial of Service vulnerability in Siemens Gigaset Se461 Wimax Router 1.5Bl024.9.6401 Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection. | 7.3 |
| 2008-09-11 | CVE-2008-3972 | Permissions, Privileges, and Access Controls vulnerability in Opensc-Project Opensc pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235. | 6.6 |
| 2008-08-01 | CVE-2008-2235 | Cryptographic Issues vulnerability in Opensc-Project Opensc OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN. | 4.9 |
| 2008-03-10 | CVE-2008-1267 | Numeric Errors vulnerability in Siemens Speedstream 6520 The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelp_English.htm with a large integer in the Content-Length field. | 7.8 |
| 2007-08-22 | CVE-2007-4488 | Cross-Site Scripting vulnerability in Siemens Gigaset Se361 Wlan Router 0 Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for (1) a GIF filename, which triggers display of the GIF file in text format and an unspecified denial of service (crash); or (2) the login.tri filename, which triggers a continuous loop of the browser attempting to visit the login page. network siemens | 4.3 |
| 2005-08-03 | CVE-2005-2424 | Denial Of Service vulnerability in Siemens Santis 50 4.2.8.0 The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze. | 7.5 |
| 2004-12-31 | CVE-2004-2626 | Unspecified vulnerability in Siemens S55 09.2179 GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message. | 3.7 |
| 2003-12-31 | CVE-2003-1464 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens M45 and S45 Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name. | 7.8 |