Skip to main content

CND News and Blog

New Vulnerabilities Sunday 15 September


New Alerts for curl, WebIQ, F5, and ABB.

curl 

When curl is built to use the GnuTLS library and told to use OCSP stapling to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine.
More info.

WebIQ 

The Windows version of WebIQ is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. CVSSv3 score of 8.6
No patch yet.
More info.

F5 

Traffix SDC uses CPAN.pm which contains a vulnerability that may allow a remote attacker to inject into the network path and perform a MITM attack, causing confidentiality or integrity issues. CVSSv3 score of 7.4
More info.

ABB 

REF630, REG630, REM630 and RET630 equipment contains vulnerabilities that could result in a DoS. Highest CVSSv4 score of 8.2
More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, 06 November 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/