Siemens Scalance W1750d Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Scalance W1750d Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (62)
CVE-2017-14491 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2022-37886 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2021-37716 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s)…
CVE-2021-37726 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through…
CVE-2022-37885 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2016-2031 — CVSS 9.8 (critical): Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and…
CVE-2022-37888 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2022-37887 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2018-7084 — CVSS 9.8 (critical): A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute…
CVE-2022-37891 — CVSS 9.8 (critical): Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful…
CVE-2022-37890 — CVSS 9.8 (critical): Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful…
CVE-2019-5319 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2022-37889 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2021-25149 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2020-24636 — CVSS 9.8 (critical): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25150 — CVSS 8.8 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25144 — CVSS 8.8 (high): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2021-37725 — CVSS 8.1 (high): A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System…
CVE-2021-25162 — CVSS 8.1 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25148 — CVSS 8.1 (high): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2022-37893 — CVSS 7.8 (high): An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Successful…
CVE-2002-20001 — CVSS 7.5 (high): The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not…
CVE-2017-13099 — CVSS 7.5 (high): wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An…
CVE-2018-7083 — CVSS 7.5 (high): If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at…
CVE-2021-25143 — CVSS 7.5 (high): A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-37724 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8…
CVE-2018-7082 — CVSS 7.2 (high): A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary…
CVE-2020-24635 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25146 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-37717 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software…
CVE-2021-37718 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software…
CVE-2021-37720 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software…
CVE-2021-37721 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software…
CVE-2021-37722 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software…
CVE-2021-37723 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8…
CVE-2021-37727 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and…
CVE-2021-37730 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x…
CVE-2021-37732 — CVSS 7.2 (high): A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x…
CVE-2019-5317 — CVSS 6.8 (medium): A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2021-25155 — CVSS 6.5 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2019-5318 — CVSS 6.5 (medium): A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all…
CVE-2022-37894 — CVSS 6.5 (medium): An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10…
CVE-2021-37728 — CVSS 6.5 (medium): A remote path traversal vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11…
CVE-2021-37729 — CVSS 6.5 (medium): A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s)…
CVE-2020-26140 — CVSS 6.5 (medium): An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept…
CVE-2021-37734 — CVSS 6.5 (medium): A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below…
CVE-2021-25145 — CVSS 6.5 (medium): A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in…
CVE-2021-25159 — CVSS 6.5 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-37731 — CVSS 6.2 (medium): A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s)…
CVE-2018-7064 — CVSS 6.1 (medium): A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. An attacker could use…
CVE-2022-37896 — CVSS 6.1 (medium): A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected…
CVE-2021-25161 — CVSS 6.1 (medium): A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-25158 — CVSS 5.9 (medium): A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2022-37892 — CVSS 5.4 (medium): A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a…
CVE-2020-26146 — CVSS 5.3 (medium): An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with…
CVE-2021-37735 — CVSS 5.3 (medium): A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba…
CVE-2022-37895 — CVSS 4.9 (medium): An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10…
CVE-2021-25156 — CVSS 4.9 (medium): A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-25157 — CVSS 4.9 (medium): A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2021-25160 — CVSS 4.9 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-37733 — CVSS 4.9 (medium): A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s)…
CVE-2020-24588 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the…