Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-472:External Control of Assumed-Immutable Web Parameter
Weakness ID:472
Version:v4.17
Weakness Name:External Control of Assumed-Immutable Web Parameter
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Draft
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
54Vulnerabilities found
CVE-2020-1765
Assigner-OTRS AG
ShareView Details
Assigner-OTRS AG
CVSS Score-3.5||LOW
EPSS-0.87% / 74.97%
||
7 Day CHG~0.00%
Published-10 Jan, 2020 | 15:08
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Spoofing of From field in several screens

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

Action-Not Available
Vendor-Debian GNU/LinuxOTRS AGopenSUSE
Product-otrsdebian_linuxbackports_sleleap((OTRS)) Community EditionOTRS
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CVE-2019-13927
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.59% / 68.87%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 13:19
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-pxc22.1-e.dpxc22.1-e.d_firmwarepxa40-w2pxc64-upxc100-e.d_firmwarepxa40-w1pxa30-w0_firmwarepxc100-e.dpxc36.1-e.dpxc36-e.d_firmwarepxc00-e.dpxc128-u_firmwarepxc200-e.d_firmwarepxa30-w2pxa30-w1pxc128-upxa40-w1_firmwarepxa40-w0_firmwarepxc64-u_firmwarepxa30-w1_firmwarepxc00-u_firmwarepxc36.1-e.d_firmwarepxc50-e.dpxa40-w2_firmwarepxc200-e.dpxc00-e.d_firmwarepxa30-w2_firmwarepxc50-e.d_firmwarepxa30-w0pxa40-w0pxc36-e.dpxc00-uDesigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web serverDesigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2017-5261
Assigner-Rapid7, Inc.
ShareView Details
Assigner-Rapid7, Inc.
CVSS Score-8.8||HIGH
EPSS-24.14% / 95.99%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to all authenticated users.

Action-Not Available
Vendor-cambiumnetworksCambium Networks
Product-cnpilot_r190v_firmwarecnpilot_e400cnpilot_e410cnpilot_e600cnpilot_e410_firmwarecnpilot_r190ncnpilot_r190vcnpilot_e600_firmwarecnpilot_e400_firmwarecnpilot_r190n_firmwarecnPilot
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CVE-2017-5260
Assigner-Rapid7, Inc.
ShareView Details
Assigner-Rapid7, Inc.
CVSS Score-8.8||HIGH
EPSS-33.39% / 96.85%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference (DRO) at http://<device-ip-or-hostname>/goform/down_cfg_file by this otherwise low privilege 'user' account.

Action-Not Available
Vendor-cambiumnetworksCambium Networks
Product-cnpilot_r190v_firmwarecnpilot_e400cnpilot_e410cnpilot_e600cnpilot_e410_firmwarecnpilot_r190ncnpilot_r190vcnpilot_e600_firmwarecnpilot_e400_firmwarecnpilot_r190n_firmwarecnPilot
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
  • Previous
  • 1
  • 2
  • Next