Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for powerlink2_firmware by visonic

    CVE-2016-5813 (GCVE-0-2016-5813)

    Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE).
    Severity
    No CVSS data available.
    CWE
    • Visonic PowerLink2 INFORMATION EXPOSURE
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Visonic PowerLink2 Affected: Visonic PowerLink2
    Date Public
    2017-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:10.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94894"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Visonic PowerLink2",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Visonic PowerLink2"
                }
              ]
            }
          ],
          "datePublic": "2017-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Visonic PowerLink2 INFORMATION EXPOSURE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-14T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "94894",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94894"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2016-5813",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Visonic PowerLink2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Visonic PowerLink2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Visonic PowerLink2 INFORMATION EXPOSURE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94894",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94894"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2016-5813",
        "datePublished": "2017-02-13T21:00:00.000Z",
        "dateReserved": "2016-06-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:10.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5811 (GCVE-0-2016-5811)

    Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).
    Severity
    No CVSS data available.
    CWE
    • Visonic PowerLink2 XSS
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Visonic PowerLink2 Affected: Visonic PowerLink2
    Date Public
    2017-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:09.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94894"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Visonic PowerLink2",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Visonic PowerLink2"
                }
              ]
            }
          ],
          "datePublic": "2017-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Visonic PowerLink2 XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-14T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "94894",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94894"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2016-5811",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Visonic PowerLink2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Visonic PowerLink2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Visonic PowerLink2 XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94894",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94894"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2016-5811",
        "datePublished": "2017-02-13T21:00:00.000Z",
        "dateReserved": "2016-06-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:09.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5811 (GCVE-0-2016-5811)

    Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).
    Severity
    No CVSS data available.
    CWE
    • Visonic PowerLink2 XSS
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Visonic PowerLink2 Affected: Visonic PowerLink2
    Date Public
    2017-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:09.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94894"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Visonic PowerLink2",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Visonic PowerLink2"
                }
              ]
            }
          ],
          "datePublic": "2017-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Visonic PowerLink2 XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-14T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "94894",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94894"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2016-5811",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Visonic PowerLink2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Visonic PowerLink2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Visonic PowerLink2 XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94894",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94894"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2016-5811",
        "datePublished": "2017-02-13T21:00:00.000Z",
        "dateReserved": "2016-06-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:09.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5813 (GCVE-0-2016-5813)

    Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE).
    Severity
    No CVSS data available.
    CWE
    • Visonic PowerLink2 INFORMATION EXPOSURE
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Visonic PowerLink2 Affected: Visonic PowerLink2
    Date Public
    2017-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:10.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94894"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Visonic PowerLink2",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Visonic PowerLink2"
                }
              ]
            }
          ],
          "datePublic": "2017-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Visonic PowerLink2 INFORMATION EXPOSURE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-14T10:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "94894",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94894"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2016-5813",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Visonic PowerLink2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Visonic PowerLink2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Visonic PowerLink2 INFORMATION EXPOSURE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94894",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94894"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2016-5813",
        "datePublished": "2017-02-13T21:00:00.000Z",
        "dateReserved": "2016-06-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:10.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }