The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HEasyrobotics Er200
HWEasyroboticswszystkie wersjeEasyrobotics Er200 Firmware
OSEasyroboticswszystkie wersjeEasyrobotics Er Flex
HWEasyroboticswszystkie wersjeEasyrobotics Er Flex Firmware
OSEasyroboticswszystkie wersjeEasyrobotics Er Lite
HWEasyroboticswszystkie wersjeEasyrobotics Er Lite Firmware
OSEasyroboticswszystkie wersjeEasyrobotics Er One
HWEasyroboticswszystkie wersjeEasyrobotics Er One Firmware
OSEasyroboticswszystkie wersjeMobile Industrial Robots Mir100
HWMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir1000
HWMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir1000 Firmware
OSMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir100 Firmware
OSMobile-Industrial-Robots≤ 2.8.1.1Mobile Industrial Robots Mir200
HWMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir200 Firmware
OSMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir250
HWMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir250 Firmware
OSMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir500
HWMobile-Industrial-Robotswszystkie wersjeMobile Industrial Robots Mir500 Firmware
OSMobile-Industrial-Robotswszystkie wersjeUvd Robots Uvd
HWUvd-Robotswszystkie wersjeUvd Robots Uvd Firmware
OSUvd-Robotswszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2020-10275CRITICAL9.8ten sam produkt
The access tokens for the REST API are directly derived from the publicly available default credentials for th...
CVE-2020-10276CRITICAL9.8ten sam produkt
The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipul...
CVE-2020-10274HIGH7.1ten sam produkt
The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly availab...
CVE-2020-10277MEDIUM6.4ten sam produkt
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extrac...
CVE-2020-10269CRITICAL9.8ten sam vendor
One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet ve...