Gallagher Controller_6000_firmware
5 CVEs affecting Gallagher Controller_6000_firmware. Latest disclosed: 2023-12-18. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-24590 | High | 7.5 | 2023-12-18 | A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Cont… |
CVE-2023-24584 | High | 7.5 | 2023-06-01 | Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. This issue affects Controller 6000: before… |
CVE-2022-26078 | High | 7.5 | 2022-07-06 | Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Ga… |
CVE-2023-22439 | Low | 3.1 | 2023-12-18 | Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface (Port 80) can be used to perfor… |
CVE-2023-41967 | Low | 2.4 | 2023-12-18 | Sensitive information uncleared after debug/power state transition in the Controller 6000 could be abused by an attacker with knowledge of the Controller's de… |