HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2021-28111

CVSS 8.8v3.1pub. 2021-05-20upd. 2024-11-21

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Draeger X Dock 5300

    HW
    Draeger
    wszystkie wersje
  • Draeger X Dock 6300

    HW
    Draeger
    wszystkie wersje
  • Draeger X Dock 6600

    HW
    Draeger
    wszystkie wersje
  • Draeger X Dock Firmware

    OS
    Draeger
    < 03.00.13
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-28112HIGH8.8ten sam produkt

Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code executio...

CVE-2019-25716HIGH7.1ten sam vendor

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that all...

CVE-2019-25718HIGH8.6ten sam vendor

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out...

CVE-2018-19012HIGH7.8ten sam vendor

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity ...

CVE-2019-25717MEDIUM5.3ten sam vendor

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability th...