cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-27407,https://securityvulnerability.io/vulnerability/CVE-2023-27407,Command Injection Vulnerability in SCALANCE LPE9403 from Siemens,"A command injection vulnerability exists in the SCALANCE LPE9403 product due to improper validation of user input in its web-based management interface. This flaw can be exploited by an authenticated remote attacker, potentially allowing them to execute commands on the underlying operating system with root privileges, which poses a significant risk to the security of the affected device.",Siemens,Scalance Lpe9403,9.9,CRITICAL,0.0014299999456852674,false,,false,false,false,,false,false,2023-05-09T13:15:00.000Z,0
CVE-2023-27408,https://securityvulnerability.io/vulnerability/CVE-2023-27408,Mutex File Permission Flaw in SCALANCE LPE9403 by Siemens,"A vulnerability in the SCALANCE LPE9403 involves a mutex file, identified as `i2c`, which is set with overly permissive permissions of `-rw-rw-rw-`. This weak configuration allows an authenticated attacker, who has access to the device's SSH interface, to manipulate the mutex, potentially compromising the integrity of the mutex and any data it safeguards. Such interference could lead to unauthorized access or modification of critical data handled by applications interacting with the i2c subsystem.",Siemens,Scalance Lpe9403,3.3,LOW,0.0004400000034365803,false,,false,false,false,,false,false,2023-05-09T13:15:00.000Z,0
CVE-2023-27409,https://securityvulnerability.io/vulnerability/CVE-2023-27409,Path Traversal Vulnerability in SCALANCE LPE9403 by Siemens,"A security vulnerability has been discovered in SCALANCE LPE9403 devices where a path traversal issue exists within the `deviceinfo` binary. By manipulating the `mac` parameter, an authenticated attacker with SSH access could potentially read the contents of sensitive files, such as those named 'address'. This flaw highlights the importance of securing SSH interfaces to prevent unauthorized file access and protect sensitive configurations.",Siemens,Scalance Lpe9403,2.5,LOW,0.0004400000034365803,false,,false,false,false,,false,false,2023-05-09T13:15:00.000Z,0
CVE-2023-27410,https://securityvulnerability.io/vulnerability/CVE-2023-27410,Heap-based Buffer Overflow Vulnerability in SCALANCE LPE9403 by Siemens,"A heap-based buffer overflow vulnerability has been identified in the SCALANCE LPE9403 product from Siemens. This issue resides within the `edgebox_web_app` binary, which is susceptible to crashing when a backup password exceeding 255 characters is provided. An authenticated user with elevated privileges could exploit this vulnerability to induce a denial of service, making it crucial for users of SCALANCE LPE9403 to assess their systems and implement necessary security measures.",Siemens,Scalance Lpe9403,2.7,LOW,0.0006300000241026282,false,,false,false,false,,false,false,2023-05-09T13:15:00.000Z,0