A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HBelden Hirschmann Eagle20
HWBeldenwszystkie wersjeBelden Hirschmann Eagle30
HWBeldenwszystkie wersjeBelden Hirschmann Embedded Ethernet Switch
HWBeldenwszystkie wersjeBelden Hirschmann Embedded Ethernet Switch Extended
HWBeldenwszystkie wersjeBelden Hirschmann Greyhound Swtich
HWBeldenwszystkie wersjeBelden Hirschmann Hios
OSBelden≤ 07.0.02Belden Hirschmann Hisecos
OSBelden≤ 03.2.00Belden Hirschmann Mice Switch Power
HWBeldenwszystkie wersjeBelden Hirschmann Octopus
HWBeldenwszystkie wersjeBelden Hirschmann Prp Redbox
HWBeldenwszystkie wersjeBelden Hirschmann Rail Switch Power
HWBeldenwszystkie wersjeBelden Hirschmann Rail Switch Power Enhanced
HWBeldenwszystkie wersjeBelden Hirschmann Rail Switch Power Lite
HWBeldenwszystkie wersjeBelden Hirschmann Rail Switch Power Smart
HWBeldenwszystkie wersje
Powiązane podatności
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote...
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET s...
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnera...
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET sec...
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnera...