Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512PUBLISHED: 2021-01-22Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513PUBLISHED: 2021-01-22Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514PUBLISHED: 2021-01-22Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525PUBLISHED: 2021-01-22M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511PUBLISHED: 2021-01-22Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.
User Rank: Ninja
8/27/2019 | 2:54:38 PM
Disclaimer: I am something of an expert on disaster recovery techniques when 18 years ago I had to walk down out of my office building in lower Manhattan and shortly later the data center on the 103rd floor of the south tower followed me down. I am a survivor of that day from Aon, on the 101st floor, S-tower, of the World Trade Center.