Lucene search

Scada Web Server Security Vulnerabilities

cve

CVE-2015-1001

Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.

8AI Score

0.013EPSS

2015-10-25 02:59 AM

cve

CVE-2015-1002

IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.

6.8AI Score

0.005EPSS

2015-10-25 02:59 AM

cve

CVE-2015-1003

Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname.

6.8AI Score

0.005EPSS

2015-10-25 02:59 AM

cve

CVE-2015-1005

IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.

6.4AI Score

0.001EPSS

2015-10-25 02:59 AM

cve

CVE-2017-12694

A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files.

7.5CVSS

7.4AI Score

0.014EPSS

2017-08-25 07:29 PM