CVE-2024-32943 – Westermo L210-F2G Lynx Improper Control of Interaction Frequency
https://notcve.org/view.php?id=CVE-2024-32943
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03 • CWE-799: Improper Control of Interaction Frequency •
CVE-2024-35246 – Westermo L210-F2G Lynx Improper Control of Interaction Frequency
https://notcve.org/view.php?id=CVE-2024-35246
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03 • CWE-799: Improper Control of Interaction Frequency •
CVE-2024-37183 – Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information
https://notcve.org/view.php?id=CVE-2024-37183
Plain text credentials and session ID can be captured with a network sniffer. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03 • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2023-40143 – Westermo Lynx
https://notcve.org/view.php?id=CVE-2023-40143
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter. Un atacante con acceso a la aplicación web Westermo Lynx que tiene el software vulnerable podría introducir JavaScript arbitrario inyectando un payload de cross-site scripting en el parámetro "forward.0.domain". • https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-45735 – Westermo Lynx Code Injection
https://notcve.org/view.php?id=CVE-2023-45735
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device. Un potencial atacante con acceso al dispositivo Westermo Lynx podría ejecutar código malicioso que podría afectar el correcto funcionamiento del dispositivo. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04 • CWE-94: Improper Control of Generation of Code ('Code Injection') •