Shodan
Vulnerabilities
Vulnerable Software
Omron:  Security Vulnerabilities
CVE-2018-7525
In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-03-21
CVE-2018-6624
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html.
CVSS Score
9.8
EPSS Score
0.01
Published
2018-02-05
CVE-2015-1015
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-10-06
CVE-2015-0988
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-10-06
CVE-2015-0987
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.
CVSS Score
5.0
EPSS Score
0.008
Published
2015-10-06
CVE-2014-2369
Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
6.0
EPSS Score
0.001
Published
2014-07-24
CVE-2014-2370
Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.
CVSS Score
3.5
EPSS Score
0.003
Published
2014-07-24
CVE-2013-2301
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
CVSS Score
4.3
EPSS Score
0.002
Published
2013-03-29
CVE-2000-0704
Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands.
CVSS Score
10.0
EPSS Score
0.063
Published
2000-10-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved