Raritan : Security Vulnerabilities, CVEs,
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
Max CVSS
9.8
EPSS Score
0.51%
Published
2019-11-18
Updated
2019-11-21
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
Max CVSS
7.5
EPSS Score
0.09%
Published
2014-11-26
Updated
2017-11-08
Raritan Japan Dominion KX2-101 switches before 2 allow remote attackers to cause a denial of service (device hang) via a crafted packet.
Max CVSS
7.8
EPSS Score
0.21%
Published
2014-08-12
Updated
2023-04-25
Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
Max CVSS
10.0
EPSS Score
0.57%
Published
2014-07-14
Updated
2014-07-15
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-07-05
Updated
2023-04-25
5 vulnerabilities found