CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files...

9.8CVSS7AI score0.00265EPSS

Exploits0

RedhatCVE•added 2025/05/22 9:34 p.m.•6 views

CVE-2021-43930

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system...

4.9CVSS7AI score0.00266EPSS

Exploits0

NVD•added 2022/04/29 4:15 p.m.•14 views

CVE-2021-43938

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...

9.8CVSS0.00246EPSS

Exploits0References1

NVD•added 2022/04/29 4:15 p.m.•13 views

CVE-2021-43937

Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request...

8.8CVSS0.00082EPSS

Exploits0References1

Prion•added 2022/04/29 4:15 p.m.•14 views

Authorization

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...

7.5CVSS9.6AI score0.00246EPSS

Exploits0References1Affected Software1

CVE•added 2022/04/29 3:18 p.m.•92 views

CVE-2021-43938

Elcomplus SmartPTT SCADA Server (vulnerable component: information exposure via unauthenticated file requests) is affected by CVE-2021-43938. The vulnerability arises from allowing an unauthenticated user to request various files from the server without authentication or authorization, leading to...

9.8CVSS9.2AI score0.00246EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2022/04/29 3:18 p.m.•6 views

CVE-2021-43938 Elcomplus SmartPTT SCADA Server Information Exposure

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...

8.1CVSS9.7AI score0.00246EPSS

Exploits0References1

Cvelist•added 2022/04/29 3:17 p.m.•12 views

CVE-2021-43937 Elcomplus SmartPTT SCADA Server Cross-site Request Forgery

7.6CVSS8.9AI score0.00082EPSS

Exploits0References1

OSV•added 2022/04/28 3:15 p.m.•2 views

CVE-2021-43932

Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the dashboard or the main page...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2022/04/28 3:15 p.m.•9 views

CVE-2021-43932

Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the dashboard or the main page...

9CVSS0.00192EPSS

Exploits0References1

OSV•added 2022/04/28 3:15 p.m.•0 views

CVE-2021-43939

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...

8.8CVSS7.3AI score0.00073EPSS

Exploits0References1

NVD•added 2022/04/28 3:15 p.m.•12 views

CVE-2021-43939

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...

9CVSS0.00073EPSS

Exploits0References1

NVD•added 2022/04/28 3:15 p.m.•15 views

CVE-2021-43934

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files...

9.8CVSS0.00265EPSS

Exploits0References1

NVD•added 2022/04/28 3:15 p.m.•13 views

CVE-2021-43930

4.9CVSS0.00266EPSS

Exploits0References1

OSV•added 2022/04/28 3:15 p.m.•1 views

CVE-2021-43930

4.9CVSS5.9AI score

Exploits0References1

Prion•added 2022/04/28 3:15 p.m.•18 views

Path traversal