Gallagher Controller 6000 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Gallagher Controller 6000 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-26078 — CVSS 7.5 (high): Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue…
CVE-2023-24584 — CVSS 7.5 (high): Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. This issue affects…
CVE-2023-24590 — CVSS 7.5 (high): A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some…
CVE-2023-22439 — CVSS 3.1 (low): Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface (Port 80)…
CVE-2023-41967 — CVSS 2.4 (low): Sensitive information uncleared after debug/power state transition in the Controller 6000 could be abused by an attacker with knowledge of…