Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Servo_press_kit_yjkp\-_firmware
(Festo)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 4 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-06-13 | CVE-2022-30308 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
2022-06-13 | CVE-2022-30309 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
2022-06-13 | CVE-2022-30310 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 | ||
2022-06-13 | CVE-2022-30311 | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. | Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware | 9.8 |