Approved changes feed: RSS · Atom
cpe:2.3:a:westermo:lynx:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Westermo (f47ec0f3-f645-57e9-881c-edbca94542ff) |
|---|---|
| Product | Lynx (9062c079-95e1-55a1-809b-4545d0dd27a9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-45735 |
vulnerable | 2026-06-03 14:53:08.451111 |
Westermo Lynx Code Injection
HIGH (8)
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.
Published: 2024-02-06T21:48:14.731Z
Updated: 2024-08-19T20:23:15.940Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45227 |
vulnerable | 2026-06-03 14:53:07.818645 |
Westermo Lynx Cross-site Scripting
MEDIUM (5.4)
An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter.
Published: 2024-02-06T21:22:36.141Z
Updated: 2024-08-02T20:14:19.933Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45222 |
vulnerable | 2026-06-03 14:53:07.810479 |
Westermo Lynx Cross-site Scripting
MEDIUM (5.4)
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
Published: 2024-02-06T21:44:24.769Z
Updated: 2024-08-02T20:14:19.991Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45213 |
vulnerable | 2026-06-03 14:53:07.789453 |
Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains
MEDIUM (6.6)
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.
Published: 2024-02-06T21:39:36.259Z
Updated: 2025-05-15T19:43:25.845Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42765 |
vulnerable | 2026-06-03 14:52:54.071984 |
Westermo Lynx Cross-site Scripting
MEDIUM (5.4)
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration.
Published: 2024-02-06T21:34:09.540Z
Updated: 2024-08-02T19:30:24.199Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40544 |
vulnerable | 2026-06-03 14:52:49.921815 |
Westermo Lynx Cleartext Transmission of Sensitive Information
MEDIUM (5.7)
An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.
Published: 2024-02-06T21:27:00.798Z
Updated: 2024-08-02T18:38:50.381Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40143 |
vulnerable | 2026-06-03 14:52:42.553657 |
Westermo Lynx
MEDIUM (5.4)
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.
Published: 2024-02-06T21:51:51.093Z
Updated: 2024-08-02T18:24:55.351Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38579 |
vulnerable | 2026-06-03 14:52:31.612422 |
Westermo Lynx 206-F2G Cross-Site Request Forgery
HIGH (8)
The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.
Published: 2024-02-06T21:16:48.926Z
Updated: 2024-11-07T20:33:42.806Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.