3452 matches found
CVE-2026-36226
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...
Exploit for CVE-2026-36226
CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...
Advantech WebAccess/SCADA 安全漏洞
Advantech WebAccess/SCADA is a SCADA software based on the browser architecture developed by Advantech China Research & Development. This software supports dynamic graphical displays and real-time data control, and provides functionality for remote control and management of automation devices. Th...
CVE-2026-36226
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...
CVE-2026-8602
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
CVE-2026-8603
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
CVE-2026-8605
CVE-2026-8605 affects ScadaBR 1.2.0 via a Use of Hard-Coded Credentials vulnerability that could let an attacker access the SCADA system as admin. The provided sources specify admin-level access without authentication, with CVSS 3.1 indicating a CRITICAL impact (score 9.8) and network access with...
CVE-2026-8605 Use of Hard-coded Credentials in ScadaBR
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
CVE-2026-8604
CVE-2026-8604 concerns ScadaBR 1.2.0 and is described as a CSRF vulnerability that could allow an attacker to trigger any authenticated action via a victim’s session by convincing a logged-in user to visit a malicious page. The available sources confirm the affected software and the underlying is...
CVE-2026-8603
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
CVE-2026-8603 Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
EUVD-2026-30961
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
CVE-2026-8603 Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
CVE-2026-8603
In ScadaBR 1.2.0, an OS command injection vulnerability could allow an attacker to execute commands as root on the SCADA system. The issue is described as a network‑level vulnerability with no user interaction required, and could impact confidentiality, integrity, and availability (all HIGH). The...
CVE-2026-8602 Missing authentication for critical function in ScadaBR
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
CVE-2026-8602
CVE-2026-8602 affects ScadaBR 1.2.0, described as a Missing Authentication for Critical Function vulnerability that could allow an unauthenticated attacker to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. The connected documents provide concrete details: vulnera...
ScadaBR
ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...
PT-2026-41989
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
Sensorweb ScadaBR 访问控制错误漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version 1.2.0 of Sensorweb ScadaBR contains an access control vulnerability. This vulnerability stems from the lack of authentication for...
Sensorweb ScadaBR 跨站请求伪造漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version 1.2.0 of Sensorweb ScadaBR contains a vulnerability related to cross-site request forgeing. This vulnerability arises when attackers...