Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wyse_thinos
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 10 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-10 | CVE-2024-42427 | Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges. | Wyse_thinos | 7.6 | ||
| 2021-01-04 | CVE-2020-29491 | Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise of impacted thin clients. | Wyse_thinos | 8.6 | ||
| 2021-01-04 | CVE-2020-29492 | Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station. | Wyse_thinos | 10.0 | ||
| 2021-04-02 | CVE-2021-21532 | Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | Wyse_thinos | 6.3 | ||
| 2021-08-10 | CVE-2021-21597 | Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files. | Wyse_thinos | 3.9 | ||
| 2021-08-10 | CVE-2021-21598 | Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files. | Wyse_thinos | 3.9 | ||
| 2022-10-10 | CVE-2022-34402 | Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service. | Wyse_thinos | 4.9 | ||
| 2023-07-20 | CVE-2023-32446 | Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | Wyse_thinos | 5.5 | ||
| 2023-07-20 | CVE-2023-32447 | Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | Wyse_thinos | 5.5 | ||
| 2023-07-20 | CVE-2023-32455 | Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | Wyse_thinos | 5.5 |