← Back

Ditto Forensic Fieldstation Firmware

ditto_forensic_fieldstation_firmware

Vendor: Cru Inc • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2013-6884
1Cru Inc
2Ditto Forensic Fieldstation
Ditto Forensic Fieldstation Firmware
Apr 29, 2026
Jan 7, 2014
N/A· v4
N/A· v3
10.0 HIGH· v2
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges.
CVE-2013-6881
1Cru Inc
2Ditto Forensic Fieldstation
Ditto Forensic Fieldstation Firmware
Apr 29, 2026
Jan 7, 2014
N/A· v4
N/A· v3
10.0 HIGH· v2
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task...Show more
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.Show less
CVE-2013-6883
1Cru Inc
2Ditto Forensic Fieldstation
Ditto Forensic Fieldstation Firmware
Apr 29, 2026
Dec 17, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk...Show more
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors.Show less
CVE-2013-6882
1Cru Inc
2Ditto Forensic Fieldstation
Ditto Forensic Fieldstation Firmware
Apr 29, 2026
Dec 17, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in...Show more
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.Show less