CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2023-5719 – Red Lion Crimson Improper Neutralization of Null Byte or NUL Character
https://notcve.org/view.php?id=CVE-2023-5719
06 Nov 2023 — The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent (%) character, invalid values will be included, potentially truncating the string if a NUL is encountered. If the simplified password is not detected by the administrator, the device might be left in a vulnerable state as a result of more-easily compromised credentials. Note that pa... • https://support.redlion.net/hc/en-us/categories/360002087671-Security-Advisories • CWE-158: Improper Neutralization of Null Byte or NUL Character •
CVSS: 5.4EPSS: 0%CPEs: 34EXPL: 0CVE-2023-34412 – Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
https://notcve.org/view.php?id=CVE-2023-34412
17 Aug 2023 — A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). • https://cert.vde.com/en/advisories/VDE-2023-012 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 121EXPL: 0CVE-2022-3090
https://notcve.org/view.php?id=CVE-2022-3090
17 Nov 2022 — Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes. Red Lion Controls Crimson 3.0 versiones 707.000 y anteriores, Crimson 3.1 versiones 3126.001 y anteriores, y Crimson 3.2 versiones 3.2.0044.0 y anteriores son vu... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-1039 – ICSA-22-104-03 Red Lion DA50N
https://notcve.org/view.php?id=CVE-2022-1039
20 Apr 2022 — The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password. La débil contraseñ... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 • CWE-521: Weak Password Requirements •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26516 – ICSA-22-104-03 Red Lion DA50N
https://notcve.org/view.php?id=CVE-2022-26516
20 Apr 2022 — Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment. Los usuarios autorizados pueden instalar un archivo de paquete modificado maliciosamente cuando actualizan el dispositivo por medio de la interfaz de usuario web. El usuario puede usar inadvertidamente un archivo de paquete obtenido de una fuente ... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-27179 – ICSA-22-104-03 Red Lion DA50N
https://notcve.org/view.php?id=CVE-2022-27179
20 Apr 2022 — A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised. Un actor malicioso que tenga acceso al archivo de configuración exportado puede obtener las credenciales almacenadas y, por tanto, obtener acceso al recurso protegido. Si las mismas contraseñas se utilizaron para otros recursos, otros activos de este tipo pueden vers... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27283
https://notcve.org/view.php?id=CVE-2020-27283
06 Jan 2021 — An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations. Un atacante podría enviar un mensaje especialmente diseñado a Crimson versión 3.1 (versiones de Compilación anteriores a 3119.001) que podría filtrar ubicaciones de memoria arbitrarias • https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27279
https://notcve.org/view.php?id=CVE-2020-27279
06 Jan 2021 — A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build versions prior to 3119.001). Se ha identificado una vulnerabilidad de deferencia del puntero NULL en el convertidor de protocolo. Un atacante podría enviar un paquete especialmente diseñado que podría reiniciar el dispositivo que ejecuta Crimson versión 3.1 (versiones de Compilación anteriores a 3119.001) • https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27285
https://notcve.org/view.php?id=CVE-2020-27285
06 Jan 2021 — The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication. La configuración predeterminada de Crimson versión 3.1 (versiones de compilación anteriores a 3119.001), permite a un usuario ser capaz de leer y modificar la base de datos sin autenticación • https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 2CVE-2020-16204 – Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell
https://notcve.org/view.php?id=CVE-2020-16204
01 Sep 2020 — The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions). El producto afectado es vulnerable debido a una interfaz no documentada que se encuentra en el dispositivo, lo que puede permitir a un atacante ejecutar comandos como root en el dispositivo en los dispositivos N-Tron 702-W / 702M12-W (todas las versiones) Red Lion N-Tron 702-W and 702M12-W versions 2.0.26... • https://packetstorm.news/files/id/159064 • CWE-912: Hidden Functionality •