Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-12509: The new moni::tool v4.2 | Security first!

In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the camera-file module.

CVE
#web#linux#debian#auth#ssh

July 2021 Exciting news, moni::tool gets an update!

moni::tool is the platform for the management of an almost unlimited number of stations, online probes, analyzers and parameters. In combination with the terminal con::cube V3 it is a powerful solution for compact station control.

With the new moni::tool v4.2 update the system is now more secure than ever!

Support of HTTPS (encrypted http)

moni::tool now ships with a self-signed certificate that encrypts data sent from a con::cube to a remote PC and back. It is possible to upload a server signed certificate.

Secure file transfer protocol (SFTP)

FTP file transfer connections use a secure shell tunnel (FTP over SSH). SFTP encrypts your data and passwords so that others cannot read them during transfer over the internet. SFTP only uses port 22 and there is no need to open passive mode ports with SFTP.

Upgraded operating system (Linux Debian 10 “Buster”)

Debian 10 brings stability fixes and the latest security updates such as a webserver update, a new web kit (webbrowser) and much more to moni::tool.

Hardened security for remote access

Access to moni::tool over the web requires taking a close look at software security. We did exactly that and are happy to announce that the following security flaws could be closed: CVE-2020-12507, CVE-2020-12508 and CVE-2020-12509.

Support of Io::Tool upgrades

With the upcoming Io::Tool upgrades, you can upload and apply update packages to a spectro::lyser V3, easily upgrade spectro::lyser V3 via moni::tool and supply update packages on USB sticks.

Language extension (Polish)

In addition to the 8 currently supported languages, the complete moni::tool user interface is now also available in Polish.

Related Posts

  • The new moni::tool v4.2 | Security first!

    July 2021 Exciting news, moni::tool gets an update! moni::tool is the platform for the management of an almost unlimited number of…

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907