Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2018-18894 | Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the… | High (7.5) | 2020-03-10 | Environment Specific |
| CVE-2020-9758 | An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in the… | Critical (9.6) | 2020-03-09 | Environment Specific |
| CVE-2020-10250 | BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PK… | Critical (9.8) | 2020-03-09 | Environment Specific |
| CVE-2020-10249 | BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3. | Medium (5.3) | 2020-03-09 | Environment Specific |
| CVE-2020-10248 | BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3. | High (7.5) | 2020-03-09 | Environment Specific |