GCVE - cpe:2.3:h:westermo:mrd-315-din:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:westermo:mrd-315-din:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Westermo (`f47ec0f3-f645-57e9-881c-edbca94542ff`)
Product	Mrd 315 Din (`d744f667-f4d9-5200-bd31-a22b0d40c891`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-12709`	not_vulnerable	2026-06-03 14:36:36.580306	Details available A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device. Published: 2017-08-25T16:00:00.000Z Updated: 2024-08-05T18:43:56.442Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-17-236-01 http://www.securityfocus.com/bid/100470	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-12703`	not_vulnerable	2026-06-03 14:36:36.571434	Details available A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server. Published: 2017-08-25T16:00:00.000Z Updated: 2024-08-05T18:43:56.419Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-17-236-01 http://www.securityfocus.com/bid/100470	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5816`	not_vulnerable	2026-06-03 14:35:55.981524	Details available A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. Published: 2017-08-25T16:00:00.000Z Updated: 2024-08-06T01:15:10.654Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-17-236-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.