These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2024-37183 affects the Westermo L210-F2G Lynx industrial switch running firmware version 4.21.0. The vulnerability allows plaintext credentials and session identifiers to be captured via network sniffing, indicating that sensitive authentication data is transmitted without encryption. This exposure occurs when HTTP is used to access the device's WebGUI, enabling attackers with adjacent network access [truncated]
A denial-of-service vulnerability exists in the Westermo L210-F2G Lynx industrial Ethernet switch. An unauthenticated remote attacker can cause a denial-of-service condition by sending many packets repeatedly. The vulnerability affects version 4.21.0 of the L210-F2G Lynx device. The issue was disclosed by CISA on June 20, 2024, with a CVSS 3.1 score of 7.5 (HIGH severity), indicating network-based exploit [truncated]
A denial-of-service vulnerability exists in the Westermo L210-F2G Lynx industrial switch firmware version 4.21.0. An unauthenticated remote attacker can cause a denial-of-service condition by sending a high volume of SSH packets repeatedly. The vulnerability is network-accessible with low attack complexity and requires no privileges or user interaction. While the attack does not compromise confidentiality [truncated]
A critical vulnerability in Westermo EDW-100 industrial serial-to-Ethernet converters exposes a hidden administrator account with hardcoded credentials. The root account password is embedded as plaintext strings within the firmware image.bin file, allowing trivial extraction by anyone with firmware access. No mechanism exists to change this password, rendering affected devices permanently vulnerable to un [truncated]