KLCERT-18-017: DeltaV Remote Code Execution
Remote code execution in Emerson AMS Device Manager. A specially crafted script may be run that allows arbitrary remote code execution.
KLCERT-18-016: Eltex ESR-200 Router Default Password Usage
An attacker without authentication can login with default credentials for privileged users.
KLCERT-18-015: Eltex ESR-200 Router Unsecure sudo Configuration
A authenticated attacker with low privileges can use unsecure sudo configuration to expand attack surface.
KLCERT-18-014: Eltex ESR-200 Router Build-in user with highest privileges
A authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface.
KLCERT-18-013: Eltex ESR-200 Router Information Disclosure
A authenticated attacker with low privileges can extract password hash information for all users.
KLCERT-18-012: Eltex ESR-200 Router command injection
A authenticated attacker can execute arbitrary code using command ejection.
KLCERT-18-011: Kraftway-24F2XG Router Outdated Certificate Usage
Usage of SSLv2 and SSLv3 contain cryptographic weaknesses and cause data decryption.
KLCERT-18-010: Kraftway-24F2XG Router Denial of Service
A Buffer Overflow exploited through web interface by remote attacker cause denial of service.
KLCERT-18-009: Kraftway-24F2XG Router Possible Remote Code Execution
A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution.
KLCERT-18-008: Kraftway-24F2XG Router Denial of Service
A remote attacker with low privileges can cause denial of service.