Deep Sea Electronics Dse855 vulnerabilities
6 known vulnerabilities affecting deep_sea_electronics/dse855.
Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2024-5947P3MEDIUMCVSS 6.5PoCv1.1.02024-06-13
CVE-2024-5947 [MEDIUM] CWE-306 CVE-2024-5947: Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulne
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists wi
nvd
CVE-2024-5948P2HIGHCVSS 8.8v1.1.02024-06-13
CVE-2024-5948 [HIGH] CWE-121 CVE-2024-5948: Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vul
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the
nvd
CVE-2024-5950P2HIGHCVSS 8.8v1.1.02024-06-13
CVE-2024-5950 [HIGH] CWE-121 CVE-2024-5950: Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Executi
Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists with
nvd
CVE-2024-5951P4MEDIUMCVSS 6.5v1.1.02024-06-13
CVE-2024-5951 [MEDIUM] CWE-306 CVE-2024-5951: Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. Th
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web-based UI
nvd
CVE-2024-5952P4MEDIUMCVSS 6.5v1.1.02024-06-13
CVE-2024-5952 [MEDIUM] CWE-306 CVE-2024-5952: Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vul
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web-based UI. The
nvd
CVE-2024-5949P4MEDIUMCVSS 6.5v1.1.02024-06-13
CVE-2024-5949 [MEDIUM] CWE-835 CVE-2024-5949: Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This v
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the h
nvd