Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cru-inc Subscribe
Filtered by product Ditto Forensic Fieldstation Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-6881 1 Cru-inc 2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware 2014-02-25 10.0 HIGH N/A
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.
CVE-2013-6884 1 Cru-inc 2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware 2014-02-24 10.0 HIGH N/A
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges.
CVE-2013-6882 1 Cru-inc 2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware 2014-01-13 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.
CVE-2013-6883 1 Cru-inc 2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware 2014-01-13 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors.