36 matches found
EUVD-2017-4233
Malware in sbrugna...
EUVD-2017-4267
Malware in sbrugna...
EUVD-2024-49038
Malicious code in bioql PyPI...
EUVD-2023-43997
Malicious code in bioql PyPI...
Exploit for CVE-2024-8232
CVE-2024-8232 – SpiderControl SCADA Web Server File Upload Vul...
CVE-2023-3329
SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...
CVE-2024-10313
iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal vulnerability. When the software loads a malicious ‘ems' project template file constructed by an attacker, it can write files to arbitrary directories. This can lead to overwriting system files, causing system paralysis, or...
CVE-2024-10313
CVE-2024-10313 affects iniNet Solutions SpiderControl SCADA PC HMI Editor. The vulnerability is an improper restriction of a pathname to a restricted directory (path traversal) that is triggered when loading a malicious ‘ems’ project template, allowing writing files to arbitrary directories. Repo...
PT-2024-16180 · Ininet Solutions · Ininet Solutions Spidercontrol Scada Pc Hmi Editor
Name of the Vulnerable Software and Affected Versions: iniNet Solutions SpiderControl SCADA PC HMI Editor affected versions not specified Description: The issue is related to a path traversal vulnerability. When the software loads a malicious ems project template file created by an attacker, it c...
CVE-2024-8232
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication...
CVE-2024-8232
CVE-2024-8232 affects SpiderControl SCADA Web Server (iniNet Solutions GmbH). The vulnerability allows unauthenticated upload of specially crafted files via the web server, with potential to log in or execute arbitrary code. Affected products in ICS advisories include SpiderControl SCADA Web Serv...
CVE-2024-8232 iniNet Solutions SpiderControl SCADA Web Server Unrestricted Upload of File with Dangerous Type
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication...
iniNet Solutions SpiderControl SCADA Web Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : iniNet Solutions GmbH Equipment : SpiderControl SCADA Web Server Vulnerabilities : Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this...
Path traversal
SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...
CVE-2023-3329
CVE-2023-3329 affects SpiderControl SCADA Webserver versions 2.08 and prior. The vulnerability is a path traversal (CWE-22) flaw in the HMI file upload feature, allowing an attacker with administrative privileges to overwrite files on the webserver, potentially creating size-zero files anywhere a...
CVE-2023-3329 CVE-2023-3329
SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on June 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-173-02 Advantech R-SeeNet ICSA-23-173-03 SpiderControl SCADAWebServer ICSA-23-026-02...
SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management Vulnerability
SpiderControl SCADA Web Server versions 2.02.0007 and below suffer from an improper privilege management vulnerability. Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Improper Privilege Management Advisory URL...
CVE-2017-12728
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...
CVE-2017-12728
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...