Vulnerabilities in .NET and Visual Studio functions System.Text.Json, System.Formats.Asn1, OPCFoundation.NetStandard.Opc.Ua.Core allow an remote attacker to execute a Denial-of-Servce attack.
Confidential data in HTTP query string of user requests. Incomplete sanitation of user input in administrative web interface.
CVE-2024-43392 only affects devices with firmware < 8.9.3.
The pathfinder TCP encapsulation service is vulnerable to a drain of open file descriptors.
mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.
Start sequence for firewall service allows attack during the boot process. Password is reset to default when the device undergoes a firmware upgrade.
The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers.
Update: credis have been updated
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. These vulnerabilities were discovered as part of a PWN2OWN competition initiated by Trend Micro Zero Day Initiative (ZDI).