Vulnerabilities > Siemens > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-07 | CVE-2008-6916 | Improper Authentication vulnerability in multiple products Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. | 10.0 |
2003-04-22 | CVE-2002-1484 | Server-Side Request Forgery (SSRF) vulnerability in Siemens Db4Web 3.4/3.6 DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message. | 9.8 |
2000-12-19 | CVE-2000-0964 | Unspecified vulnerability in Siemens Hinet LP 5100.0 Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | 10.0 |