Vulnerabilities > Westermo > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2023-38579 | Cross-Site Request Forgery (CSRF) vulnerability in Westermo L206-F2G Firmware 4.24 The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. | 8.8 |
2024-02-06 | CVE-2023-45735 | Code Injection vulnerability in Westermo L206-F2G Firmware 4.24 A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device. | 8.0 |
2019-05-24 | CVE-2018-19612 | Unrestricted Upload of File with Dangerous Type vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. | 8.8 |
2017-08-25 | CVE-2017-12703 | Cross-Site Request Forgery (CSRF) vulnerability in Westermo products A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 8.8 |
2017-08-25 | CVE-2016-5816 | Use of Hard-coded Credentials vulnerability in Westermo products A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 7.5 |