Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-27581

EPSS 0.07% · P21
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-27581

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Source: NVD (National Vulnerability Database)
Vulnerability Title
SICK RFU61x 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SICK RFU61x是德国西克(SICK)公司的一个 SICK UHF 产品组合中最小的读/写设备。非常适合直接在工件或组件上进行物联网应用。 SICK RFU61x 固件版本 v2.25之前版本存在安全漏洞,该漏洞源于如果用户请求通过 SSH 接口使用弱密码套件进行加密,则在 SICK RFU61x 中使用损坏或有风险的加密算法将允许低权限远程攻击者解密加密数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-SICK RFU61x Firmware <v2.25 -

II. Public POCs for CVE-2022-27581

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-27581

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-12-13 · 71 CVEs total

CVE-2022-464049.8 CRITICALAtos Unify OpenScape 4000 命令注入漏洞
CVE-2022-458714.3 MEDIUMDenial-of-Service (DoS) Vulnerability
CVE-2022-42140Delta Electronics DX-2100RW-WW 操作系统命令注入漏洞
CVE-2022-46061AeroCMS 安全漏洞
CVE-2022-45005IP-COM EW9 操作系统命令注入漏洞
CVE-2022-44874wasm3 缓冲区错误漏洞
CVE-2022-44636SAMSUNG TV 安全漏洞
CVE-2022-44303Resque Scheduler 跨站脚本漏洞
CVE-2022-43996csaf_distribution 跨站脚本漏洞
CVE-2022-4223pgAdmin 代码注入漏洞
CVE-2022-42141Delta Electronics DX-2100RW-WW 跨站脚本漏洞
CVE-2022-45685Jettison 缓冲区错误漏洞
CVE-2022-42139Delta Electronics DVW-W02W2-E2 操作系统命令注入漏洞
CVE-2022-38628Nortek Control Linear eMerge E3-Series 授权问题漏洞
CVE-2022-37155SPIP 安全漏洞
CVE-2022-31699VMware ESXi 缓冲区错误漏洞
CVE-2022-31698VMware ESXi和vCenter Server 安全漏洞
CVE-2022-31697VMware ESXi和vCenter Server 信息泄露漏洞
CVE-2022-31696VMware ESXi和vCenter Server 缓冲区错误漏洞
CVE-2022-20611Google Pixel 安全漏洞

Showing top 20 of 71 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same vendor: n/a
Same weakness: CWE-327

V. Comments for CVE-2022-27581

No comments yet

Leave a comment