Softing Edgeaggregator
7 CVEs affecting Softing Edgeaggregator. Latest disclosed: 2025-08-21. Critical: 2, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2336 | Critical | 9.8 | 2022-08-17 | Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admi… |
CVE-2025-7390 | Critical | 9.1 | 2025-08-21 | A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communicati… |
CVE-2023-27335 | High | 8.8 | 2024-05-03 | Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on… |
CVE-2024-0860 | High | 8.0 | 2024-03-14 | The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft… |
CVE-2023-38125 | High | 7.5 | 2024-05-03 | Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to… |
CVE-2022-1748 | High | 7.5 | 2022-08-17 | Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulne… |
CVE-2023-38126 | High | 7.2 | 2023-12-19 | Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arb… |