Alexander Schrode

3 exploits Active since Oct 2023
CVE-2023-26150 WRITEUP MEDIUM WRITEUP
asyncua <0.9.96 - Improper Authentication
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session.
CVSS 6.5
CVE-2023-26150 WRITEUP MEDIUM WRITEUP
asyncua <0.9.96 - Improper Authentication
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session.
CVSS 6.5
CVE-2023-26151 WRITEUP MEDIUM WRITEUP
freeopcua/opcua-asyncio < 0.9.96 - Denial of Service via Malformed Packet
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.
CVSS 5.3