ABB PB610 Panel Builder 600 is prone to the following vulnerabilities:
1. An authentication-bypass vulnerability
2. A directory-traversal vulnerability
3. Multiple memory corruption vulnerabilities
4. A stack-based buffer-overflow vulnerability
5. A buffer-overflow vulnerability
Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions.
ABB PB610 Panel Builder 600 version 1.91 through 2.8.0.367 are vulnerable.
Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 108886 |
| Class: | Unknown |
| CVE: | CVE-2019-7226 CVE-2019-7227 CVE-2019-7228 CVE-2019-7230 CVE-2019-7232 CVE-2019-7231 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 13 2019 12:00AM |
| Updated: | Jun 13 2019 12:00AM |
| Credit: | Xen1thLabs. |
| Vulnerable: | ABB PB610 Panel Builder 600 2.8.0.367 ABB PB610 Panel Builder 600 1.91 |
| Not Vulnerable: | ABB PB610 Panel Builder 600 2.8.0.424 |
from SecurityFocus Vulnerabilities https://ift.tt/2XgHKUV
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.