Known Vulnerabilities for products from Westermo
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Westermo".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Westermo can be found at device.report : Westermo
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-12504 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 9.8 - CRITICAL | 2020-10-15 | 2022-03-16 |
| CVE-2020-7227 | Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote att... | 6.5 - MEDIUM | 2020-01-18 | 2021-07-21 |
| CVE-2018-19614 | XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | 6.1 - MEDIUM | 2019-05-23 | 2019-05-24 |
| CVE-2018-19613 | Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. | 6.5 - MEDIUM | 2019-05-24 | 2019-05-28 |
| CVE-2018-19612 | The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload maliciou... | 8.8 - HIGH | 2019-05-24 | 2019-05-28 |
| CVE-2017-12709 | A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-45... | 5.3 - MEDIUM | 2017-08-25 | 2019-10-09 |
| CVE-2017-12703 | A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MR... | 8.8 - HIGH | 2017-08-25 | 2017-08-29 |
| CVE-2016-5816 | A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, ... | 7.5 - HIGH | 2017-08-25 | 2017-08-30 |
| CVE-2015-7923 | Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier fo... | 9 - CRITICAL | 2016-01-30 | 2016-03-07 |
Known software with vulnerabilities from Westermo
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Westermo | Mrd-315 | - |
| Operating System | Westermo | Mrd-315 Firmware | 1.7.3 |
| Operating System | Westermo | Weos | 4.18.0 |