CVSS: 10.0EPSS: 10%CPEs: 5EXPL: 0CVE-2013-0714 – TP-Link VxWorks / 2-Series Switches Fail
https://notcve.org/view.php?id=CVE-2013-0714
20 Mar 2013 — IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request. IPSSH (también conocido como servidor SSH) en Wind River VxWorks v6.5 hasta v6.9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicios (caída del demonio) a través de una petición de autenticación de clave pública manipulada. TP-Link VxWorks-based devices and 2-Serie... • http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0715 – TP-Link VxWorks / 2-Series Switches Fail
https://notcve.org/view.php?id=CVE-2013-0715
20 Mar 2013 — The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. El componente WebCLI en Wind River VxWorks v5.5 hasta v6.9 permite a usuarios remotos autenticados provocar una denegación de servicio (caída de la sesión) a través de una cadena de comandos especialmente diseñada. TP-Link VxWorks-based devices and 2-Series switches suffer from a large amount of vulnerabilities that the vendor refuses to ... • http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0716 – TP-Link VxWorks / 2-Series Switches Fail
https://notcve.org/view.php?id=CVE-2013-0716
20 Mar 2013 — The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. El servidor web en Wind River VxWorks v5.5 hasta v6.9 permite a atacantes remotos causar una denegación de servicios (caída del demonio) a través de una URI manipulada TP-Link VxWorks-based devices and 2-Series switches suffer from a large amount of vulnerabilities that the vendor refuses to address. • http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 93%CPEs: 4EXPL: 0CVE-2010-2965
https://notcve.org/view.php?id=CVE-2010-2965
04 Aug 2010 — The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmw... • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html • CWE-863: Incorrect Authorization •