Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Servo_press_kit_yjkp\-_firmware
(Festo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-13 | CVE-2022-30308 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
| 2022-06-13 | CVE-2022-30309 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
| 2022-06-13 | CVE-2022-30310 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
| 2022-06-13 | CVE-2022-30311 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 |