Vulnerabilities > Westermo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2023-38579 | Cross-Site Request Forgery (CSRF) vulnerability in Westermo L206-F2G Firmware 4.24 The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. | 8.8 |
| 2024-02-06 | CVE-2023-45735 | Code Injection vulnerability in Westermo L206-F2G Firmware 4.24 A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device. | 8.0 |
| 2020-10-15 | CVE-2020-12504 | Hidden Functionality vulnerability in multiple products Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service. | 7.5 |