A vulnerability classified as critical was found in Crestron DM-NVX-DIR, DM-NVX-DIR80 and DM-NVX-ENT. Affected by this vulnerability is an unknown functionality of the component WebSocket Request Handler. Upgrading to version DM-XIO 1-0-3-802 eliminates this vulnerability. The upgrade is hosted for download at crestron.com.
Crestron DM-NVX-DIR/DM-NVX-DIR80/DM-NVX-ENT prior DM-XIO 1-0-3-802 WebSocket Request Remote Code Execution
- Virtual Patching
- July 31, 2021
- 10:05 pm
CVE-2022-37452 : EXIM UP TO 4.94 ALIAS LIST HOST.C HOST_NAME_LOOKUP SENDER_HOST_NAME HEAP-BASED OVERFLOW
Description Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is
CVE-2022-27535 : KASPERSKY VPN SECURE CONNECTION UP TO 21.5 ON WINDOWS DENIAL OF SERVICE
Description Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of
CVE-2022-32965 : OMICARD EDM HARD-CODED CREDENTIALS
Description OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized