191 matches found
Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞
Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...
The vulnerability of the Restore Workspace function in SCADA systems’ SCADA Data Gateway (SDG) allows a intruder to execute arbitrary code.
The vulnerability of the Restore Workspace function in SCADA systems’ SCADA Data Gateway SDG is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
PT-2023-3042 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the lack of authentication for a critical function in the WebMonitor component of the SCADA Data Gateway. An unauthenticated attacker can send...
PT-2023-3043 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the use of uncontrolled format strings in the GTWWebMonitor.exe executable file of the SCADA Data Gateway system. An unauthenticated attacker can...
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
PT-2023-5841 · Triangle Microworks · Triangle Microworks Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to write arbitrary files on affected installations, potentially enabling them to execute code in the context of root. The...
PT-2023-5840 · Triangle Microworks · Triangle Microworks Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. The specific flaw...
KLA12510 Spoofing vulnerability in Microsoft SQL Server
A spoofing vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-23292 Related products Microsoft-Power-BI CVE list CVE-2022-23292 warning KB list Solution Install necessary updates from the KB section...
PT-2022-2925 · Microsoft · Power Bi +1
Name of the Vulnerable Software and Affected Versions: Microsoft Power BI affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Power BI local data gateway component, Microsoft On-Premises Data...
PT-2022-6556 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existin...
Denial of Service Vulnerability in Changyuan Shenrui PRS-7910 Data Gateway Machine
Changyuan Shamrui PRS-7910 Data Gateway is an Ethernet-based data gateway introduced by Changyuan Shamrui Relay Automation Co. A denial of service vulnerability exists in the SUNRISE PRS-7910 Data Gateway. An attacker can exploit the vulnerability to cause the Data Gateway to fail to provide...
Unauthorized Access Vulnerability in Changyuan Shenrui PRS-7910 Data Gateway Machine
Changyuan Shamrui PRS-7910 Data Gateway is an Ethernet-based data gateway introduced by Changyuan Shamrui Relay Automation Co. The PRS-7910 Data Gateway has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of data set elements. The issue results from the lac...
CVE-2020-10613
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...
CVE-2020-10611
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...
CVE-2020-10611
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...
CVE-2020-10613
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...
Stack overflow
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication ...
Design/Logic Flaw
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is no...
CVE-2020-10611
CVE-2020-10611 is a real, externally exploitable type-confusion vulnerability in Triangle MicroWorks SCADA Data Gateway (DNP3 Data Sets). The Red Hat and NVD entries confirm it affects versions 2.41.0213–4.0.122 and 3.02.0697–4.0.122, enabling remote code execution with no authentication required...