CVSS: 8.6EPSS: 0%CPEs: 32EXPL: 1CVE-2018-17924
https://notcve.org/view.php?id=CVE-2018-17924
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. Rockwell Automation MicroLogix 1400 Controllers y 1756 ControlLogix Communications Modules. Un actor de amenaza remoto no autenticado podría enviar una petición de conexión CIP a un dispositivo afectado y, tras conectarse exitosamente, enviar una nueva configuración IP al dispositivo afectado incluso aunque el controlador en el sistema esté configurado en modo Hard RUN. Cuando el dispositivo afectado acepta esta nueva configuración IP, ocurre una pérdida de comunicación entre el dispositivo y el resto del sistema, ya que el tráfico del sistema sigue intentando comunicarse con el dispositivo mediante la dirección IP sobrescrita. • https://github.com/g0dd0ghd/CVE-2018-17924-PoC http://www.securityfocus.com/bid/106132 https://ics-cert.us-cert.gov/advisories/ICSA-18-310-02 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 88%CPEs: 4EXPL: 0CVE-2010-2965
https://notcve.org/view.php?id=CVE-2010-2965
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmware v3.2.6 y v3.6.1 y otros productos, permiten a atacantes remotos leer o modificar a su elección direcciones de memoria, realizar llamdas a funciones, o administrar tareas a través de peticiones UDP al puerto 17185, relacionado con el comportamiento de CVE-2005-3804. • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735 http://www.kb.cert.org/vuls/id/362332 http://www.kb.cert.org/vuls/id/MAPG-86EPFA http://www.kb.cert.org/vuls/id/MAPG-86FPQL https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708 • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0472
https://notcve.org/view.php?id=CVE-2009-0472
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de secuencias de ejecución de comandos en sitios cruzados en el interfaz web en el módulo Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores sin especificar. • http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 http://secunia.com/advisories/33783 http://www.kb.cert.org/vuls/id/882619 http://www.securityfocus.com/bid/33638 http://www.vupen.com/english/advisories/2009/0347 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0474
https://notcve.org/view.php?id=CVE-2009-0474
The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors. NOTE: this may overlap CVE-2002-1603. El interfaz web en el módulo Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge permite a atacantes remotos obtener "información de la pagina web interna" y "información interna del módulo" a través de vectores desconocidos. NOTA: esta vulnerabilidad puede solaparse con CVE-2002-1603. • http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 http://secunia.com/advisories/33783 http://www.kb.cert.org/vuls/id/124059 http://www.kb.cert.org/vuls/id/RGII-7MWKZ3 http://www.vupen.com/english/advisories/2009/0347 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2009-0473
https://notcve.org/view.php?id=CVE-2009-0473
Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en el interfaz web en el módulo Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge permite a atacantes remotos redireccionar a usuarios a sitios web de su elección y llevar a cabo ataques de phishing a través de vectores no especificados. • https://github.com/akbarq/CVE-2009-0473-check http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 http://secunia.com/advisories/33783 http://www.kb.cert.org/vuls/id/619499 http://www.securityfocus.com/bid/33636 http://www.vupen.com/english/advisories/2009/0347 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •