169 matches found
PT-2022-17648 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: An information disclosure issue exists in the OAS Engine SecureTransferFiles functionality. A specially-crafted series of network requests can lead to arbitrary file read. ...
Open Automation Software OAS Platform 安全漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform version V16.00.0112 is vulnerable to information disclosure and can be exploited by attackers to obtain sensitive information via targeted...
PT-2022-3463 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version V16.00.0112 Description: The issue concerns the OAS Engine SecureAddSecurity functionality, where a lack of authentication check for a critical function can be exploited. An attacker can send a...
PT-2022-17638 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: A denial of service issue exists in the OAS Engine SecureConfigValues functionality. It can be triggered by a specially-crafted network request, leading to a loss of...
Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability
Summary An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger th...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 contains a file-writing vulnerability that can be exploited by attackers to cause remote code execution with specially crafted...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0121 is vulnerable to an access control error that could be exploited by an attacker to make unauthenticated use of the REST API wit...
CVE-2022-26833
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
Summary A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can...
Open Automation Software Platform Engine SecureTransferFiles file write vulnerability
Summary A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An information disclosure vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an information disclosure issue in the OAS Engine...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. A denial-of-service vulnerability exists in Open Automation Software OAS Platform, which can be exploited by attackers to cause a loss of communication with the help of speciall...
PT-2022-2739 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version V16.00.0112 Description: A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality, allowing remote code execution through a specially-crafted series of network request...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 contains an information disclosure vulnerability that could be exploited by attackers to compromise sensitive information...
PT-2022-18264 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: An information disclosure issue exists in the OAS Engine SecureBrowseFile functionality. A specially-crafted network request can lead to a disclosure of sensitive...
Open Automation Software OAS Platform REST API unauthenticated vulnerability
Summary An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...
Open Automation Software OAS Platform 访问控制错误漏洞
Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 is vulnerable to an access control error that could be exploited to create OAS user accounts with specially crafted network...
PT-2022-17655 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: A cleartext transmission of sensitive information issue exists in the OAS Engine configuration communications functionality. This can be exploited through a targeted networ...
PT-2022-2740 · Open Automation · Open Automation Software Oas Platform
Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0121 Description: The issue is related to an improper authentication vulnerability in the REST API functionality. This vulnerability can be triggered by a specially-crafted series of HTTP...
CVE-2015-7917
Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...