Product:

Servo_press_kit_yjkp\-_firmware

(Festo)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2022-06-13 CVE-2022-30308 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware 9.8
2022-06-13 CVE-2022-30309 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware N/A
2022-06-13 CVE-2022-30310 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware N/A
2022-06-13 CVE-2022-30311 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. Controller_cecc\-X\-M1\-Mv\-S1_firmware, Controller_cecc\-X\-M1\-Mv_firmware, Controller_cecc\-X\-M1\-Y\-Yjkp_firmware, Controller_cecc\-X\-M1\-Ys\-L1_firmware, Controller_cecc\-X\-M1\-Ys\-L2_firmware, Controller_cecc\-X\-M1_firmware, Servo_press_kit_yjkp\-_firmware, Servo_press_kit_yjkp_firmware N/A