Siemens Scalance Sc626-2C Firmware vulnerabilities
7 known vulnerabilities affecting siemens/scalance_sc626-2c_firmware.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 4
Vulnerabilities
CVE-2022-46140 [HIGH] CVSS 7.1, CWE-327, fixed in 2.3, 2022-12-13
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
nvd
CVE-2022-46143 [MEDIUM] CVSS 5.1, CWE-1284, fixed in 2.3, 2022-12-13
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
nvd
CVE-2022-46142 [MEDIUM] CVSS 5.2, CWE-257, fixed in 2.3, 2022-12-13
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
nvd
CVE-2022-32205 [MEDIUM] CVSS 4.3, CWE-770, fixed in 3.0, 2022-07-07
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to av
nvd
CVE-2022-32206 [MEDIUM] CVSS 6.5, CWE-770, fixed in 3.0, 2022-07-07
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. The use of such a
nvd
CVE-2022-30065 [HIGH] CVSS 7.8, CWE-416, fixed in 3.0, 2022-05-18
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
nvd
CVE-2018-25032 [HIGH] CVSS 7.5, CWE-787, fixed in 3.0, 2022-03-25
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
nvd