Security Vulnerabilities - CVEs Published In October 2020
Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2020-10-28
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2020-10-28
Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2020-10-28
Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access.
CVSS Score: 6.8 | EPSS Score: 0.0 | Published: 2020-10-28
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2020-10-28
Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows requests to be made and viewed by arbitrary origins.
CVSS Score: 9.1 | EPSS Score: 0.003 | Published: 2020-10-28
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendor has indicated this is not a vulnerability and states "This vulnerability occurred due to wrong configuration of system.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2020-10-28
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2020-10-28
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2020-10-28
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2020-10-28
Shodan ® - All rights reserved