Denial of Service Vulnerability in Red Lion HMI Panels via Long URI HTTP POST Request

Denial of Service Vulnerability in Red Lion HMI Panels via Long URI HTTP POST Request

CVE-2017-14855 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that does not exist, as demonstrated by version HMI 2.41 PLC 2.42.

Learn more about our Web Application Penetration Testing UK.