5 matches found
CVE-2021-43939
creationtimestamp| type| source ---|---|--- 2022-04-28 18:24:21+00:00| seen| https://t.me/cibsecurity/41577...
CVE-2021-43939 Elcomplus SmartPtt Improper Authorization
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...
CVE-2021-43939 Elcomplus SmartPtt Improper Authorization
Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...
CVE-2021-43939
CVE-2021-43939 affects Elcomplus SmartPTT (SCADA/server endpoints). The vulnerability is improper authorization (CWE-285) that lets a low-authenticated user issue requests to admin-level endpoints, enabling privilege escalation with high impact to confidentiality, integrity and availability. Affe...
Elcomplus SmartPTT SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor: Elcomplus Equipment: SmartPTT Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Authorization, Cross-site Scripting 2. RISK EVALUATION Successful exploitation...