Com Server Highspeed Oem
Approved changes feed: RSS · Atom
cpe:2.3:a:wiesemann_&_theis:com-server_highspeed_oem:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wiesemann & Theis (1d670462-fe11-587d-a320-4167bbd25630) |
|---|---|
| Product | Com Server Highspeed Oem (aec46bb4-8ed1-592a-b5eb-66b903d65a2e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-4098 |
vulnerable | 2026-06-03 14:48:35.064217 |
Wiesemann & Theis: Multiple products prone to missing authentication through spoofing
HIGH (8)
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device.
Published: 2022-12-13T07:26:17.752Z
Updated: 2025-04-14T18:12:33.668Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-42787 |
vulnerable | 2026-06-03 14:48:13.064013 |
Wiesemann & Theis: Small number space for allocating session id in Com-Server family
HIGH (8.8)
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be successful a user interaction is required.
Published: 2022-11-10T11:06:20.856Z
Updated: 2025-05-01T19:01:20.740Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-42786 |
vulnerable | 2026-06-03 14:48:13.062173 |
Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family
MEDIUM (5.4)
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage
Published: 2022-11-10T11:02:32.615Z
Updated: 2025-04-29T14:56:50.373Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-42785 |
vulnerable | 2026-06-03 14:48:13.028887 |
Wiesemann & Theis: Authentication bypass in Com-Server family
CRITICAL (9.8)
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.
Published: 2022-11-10T11:01:41.011Z
Updated: 2025-05-01T19:02:00.365Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.