Cososys: Security Vulnerabilities
CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-05-04
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
CVSS Score
7.5
EPSS Score
0.003
Published
2014-06-02
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVSS Score
7.5
EPSS Score
0.085
Published
2012-09-18