Lucene search
+L

191 matches found

CNNVD
CNNVD
added 2023/06/07 12:0 a.m.6 views

Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

9.8CVSS7.8AI score0.00706EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/05/10 12:0 a.m.8 views

The vulnerability of the Restore Workspace function in SCADA systems’ SCADA Data Gateway (SDG) allows a intruder to execute arbitrary code.

The vulnerability of the Restore Workspace function in SCADA systems’ SCADA Data Gateway SDG is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

9CVSS7.4AI score0.02298EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/29 12:0 a.m.8 views

PT-2023-3042 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the lack of authentication for a critical function in the WebMonitor component of the SCADA Data Gateway. An unauthenticated attacker can send...

5.3CVSS5.3AI score0.00593EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/04/29 12:0 a.m.7 views

PT-2023-3043 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the use of uncontrolled format strings in the GTWWebMonitor.exe executable file of the SCADA Data Gateway system. An unauthenticated attacker can...

9.8CVSS9.2AI score0.00706EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2023/04/14 12:0 a.m.25 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS7.2AI score0.02298EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.5 views

PT-2023-5841 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to write arbitrary files on affected installations, potentially enabling them to execute code in the context of root. The...

6.2CVSS7.4AI score0.01028EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.8 views

PT-2023-5840 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. The specific flaw...

5.3CVSS7.3AI score0.00247EPSS
Exploits0References8
Kaspersky
Kaspersky
added 2022/04/12 12:0 a.m.20 views

KLA12510 Spoofing vulnerability in Microsoft SQL Server

A spoofing vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-23292 Related products Microsoft-Power-BI CVE list CVE-2022-23292 warning KB list Solution Install necessary updates from the KB section...

3.7CVSS4.8AI score0.00797EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.5 views

PT-2022-2925 · Microsoft · Power Bi +1

Name of the Vulnerable Software and Affected Versions: Microsoft Power BI affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Power BI local data gateway component, Microsoft On-Premises Data...

3.7CVSS3.9AI score0.00797EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/01/25 12:0 a.m.7 views

PT-2022-6556 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existin...

9CVSS7.8AI score0.02298EPSS
Exploits0References7
CNVD
CNVD
added 2020/05/07 12:0 a.m.0 views

Denial of Service Vulnerability in Changyuan Shenrui PRS-7910 Data Gateway Machine

Changyuan Shamrui PRS-7910 Data Gateway is an Ethernet-based data gateway introduced by Changyuan Shamrui Relay Automation Co. A denial of service vulnerability exists in the SUNRISE PRS-7910 Data Gateway. An attacker can exploit the vulnerability to cause the Data Gateway to fail to provide...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/04/26 12:0 a.m.2 views

Unauthorized Access Vulnerability in Changyuan Shenrui PRS-7910 Data Gateway Machine

Changyuan Shamrui PRS-7910 Data Gateway is an Ethernet-based data gateway introduced by Changyuan Shamrui Relay Automation Co. The PRS-7910 Data Gateway has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/04/16 12:0 a.m.31 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of data set elements. The issue results from the lac...

9.8CVSS3.9AI score0.05226EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 7:15 p.m.5 views

CVE-2020-10613

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...

7.5CVSS5.7AI score0.02493EPSS
Exploits0References2
OSV
OSV
added 2020/04/15 7:15 p.m.4 views

CVE-2020-10611

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...

9.8CVSS7.6AI score0.05226EPSS
Exploits0References2
NVD
NVD
added 2020/04/15 7:15 p.m.38 views

CVE-2020-10611

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...

9.8CVSS9.8AI score0.05226EPSS
Exploits0References2
NVD
NVD
added 2020/04/15 7:15 p.m.27 views

CVE-2020-10613

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...

7.5CVSS7.8AI score0.02493EPSS
Exploits0References2
Prion
Prion
added 2020/04/15 7:15 p.m.13 views

Stack overflow

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication ...

5CVSS7.6AI score0.02568EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/04/15 7:15 p.m.13 views

Design/Logic Flaw

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...

5CVSS7.4AI score0.02493EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/04/15 6:36 p.m.64 views

CVE-2020-10611

CVE-2020-10611 is a real, externally exploitable type-confusion vulnerability in Triangle MicroWorks SCADA Data Gateway (DNP3 Data Sets). The Red Hat and NVD entries confirm it affects versions 2.41.0213–4.0.122 and 3.02.0697–4.0.122, enabling remote code execution with no authentication required...

9.8CVSS9.7AI score0.05226EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder