Siemens Scalance_sc626-2c_firmware

7 CVEs affecting Siemens Scalance_sc626-2c_firmware. Latest disclosed: 2022-12-13. Critical: 0, High: 2.

Top CVEs affecting Siemens Scalance_sc626-2c_firmware
CVESeverityScorePublishedSummary
CVE-2022-30065High7.82022-05-18A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar fun…
CVE-2018-25032High7.52022-03-25zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2022-46140Medium6.52022-12-13Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and…
CVE-2022-32206Medium6.52022-07-07curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different alg…
CVE-2022-46142Medium5.72022-12-13Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the C…
CVE-2022-32205Medium4.32022-07-07A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large a…
CVE-2022-46143Low2.72022-12-13Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially co…