id: 2568title: 'RVD#2568: Apache server is vulnerable to a DoS'type: vulnerabilitydescription: The Apache server on port 80 that host the web interface is vulnerableto a DoS by spamming incomplete HTTP headers, effectively blocking the access tothe dashboard.cwe: CWE-239cve: CVE-2020-10280keywords:
- MiR100, MiR200, MiR500, MiR250, MiR1000, ER200, ER-Lite, ER-Flex,ER-One, UVDsystem: MiR100:v2.8.1.1 and before, MiR200, MiR250, MiR500, MiR1000, ER200,ER-Lite, ER-Flex, ER-One, UVDvendor: Mobile Industrial Robots A/S, EasyRobotics, Enabled Robotics, UVD Robotsseverity:
rvss-score: 6.1rvss-vector: RVSS:1.0/AV:IN/AC:L/PR:N/UI:N/S:U/Y:Z/C:N/I:L/A:H/H:U/severity-description: highcvss-score: 8.2cvss-vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:Hlinks:
- https://cwe.mitre.org/data/definitions/239.html
- https://github.com/aliasrobotics/RVD/issues/2568flaw:
phase: runtime-operationspecificity: robotics-specificarchitectural-location: platform codeapplication: Apachesubsystem: Server:Web-Interfacepackage: N/Alanguages: N/Adate-detected: 2020-06-11detected-by: Lander Usategui (Alias Robotics)detected-by-method: testing-dynamic:aluritydate-reported: '2020-06-24'reported-by: nullreported-by-relationship: nullissue: https://github.com/aliasrobotics/RVD/issues/2568reproducibility: alwaystrace: Not disclosedreproduction: Not disclosedreproduction-image: Not disclosedexploitation:
description: Not disclosedexploitation-image: Not disclosedexploitation-vector: Not disclosedexploitation-recipe: ''mitigation:
description: Not disclosedpull-request: Not discloseddate-mitigation: null
The text was updated successfully, but these errors were encountered:
The text was updated successfully, but these errors were encountered: