CVE-2013-2804
published 2013-08-28CVE-2013-2804: The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via…
PriorityP428high7.1CVSS 2.0
AVNACMAuNCNINAC
EPSS
1.26%
65.9th percentile
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softwaretoolbox | top_server | <= 5.12 | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
| softwaretoolbox | top_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gxrf-44mp-mv84: The DNP Master Driver in Software Toolbox TOP Server before 5
ghsa_unreviewed·2022-05-17
CVE-2013-2804 [HIGH] CWE-20 GHSA-gxrf-44mp-mv84: The DNP Master Driver in Software Toolbox TOP Server before 5
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line.
CISA ICS
Top Server OPC Improper Input Validation Vulnerability
cisa_ics·2015-05-28
Top Server OPC Improper Input Validation Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Top Server OPC Improper Input Validation Vulnerability
Last RevisedMay 28, 2015
Alert CodeICSA-13-234-02
## OVERVIEW
Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Software Toolbox TOP Server DNP Master OPC product. Software Toolbox has produced a new version that mitigates this vulnerability. The researchers have tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following Software Toolbox products ar
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2013-08-28
Published