Vulnerabilities > Softing > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2021-29660 | Cross-Site Request Forgery (CSRF) vulnerability in Softing OPC Toolbox 4.10.1.13035 A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker. | 8.8 |
| 2020-08-25 | CVE-2020-14522 | Resource Exhaustion vulnerability in Softing OPC Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition. | 7.5 |
| 2019-10-10 | CVE-2019-15051 | Command Injection vulnerability in Softing products An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. | 8.8 |
| 2019-10-10 | CVE-2019-11528 | Incorrect Permission Assignment for Critical Resource vulnerability in Softing Uagate SI Firmware 1.60.01 An issue was discovered in Softing uaGate SI 1.60.01. | 7.5 |
| 2019-10-10 | CVE-2019-11527 | OS Command Injection vulnerability in Softing Uagate SI Firmware 1.60.01 An issue was discovered in Softing uaGate SI 1.60.01. | 8.8 |