Castlerock: Security Vulnerabilities
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-04-09
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-04-09
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-04-09
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-04-09
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-04-09
nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file.
CVSS Score
7.8
EPSS Score
0.03
Published
2019-07-12
Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-04-10
Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-04-10