CVE-2024-8232 iniNet Solutions SpiderControl SCADA Web Server Unrestricted Upload of File with Dangerous Type

SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication...

iniNet Solutions SpiderControl SCADA Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : iniNet Solutions GmbH Equipment : SpiderControl SCADA Web Server Vulnerabilities : Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this...

iniNet Solutions SpiderControl SCADA Web Server 代码问题漏洞

iniNet Solutions SpiderControl SCADA Web Server is a server from iniNet Solutions. A code issue vulnerability exists in iniNet Solutions SpiderControl SCADA Web Server. An attacker could exploit the vulnerability to upload specially crafted malicious files...

CVE-2023-3329

SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...

Path traversal

SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...

CVE-2023-3329 CVE-2023-3329

SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...

CVE-2023-3329

CVE-2023-3329 affects SpiderControl SCADA Webserver versions 2.08 and prior. The vulnerability is a path traversal (CWE-22) flaw in the HMI file upload feature, allowing an attacker with administrative privileges to overwrite files on the webserver, potentially creating size-zero files anywhere a...

CVE-2023-3329 CVE-2023-3329

SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting syste...

SpiderControl SCADA Webserver Path Traversal Vulnerability

iniNet Solutions SpiderControl SCADA Webserver is a server from iniNet Solutions. A path traversal vulnerability exists in SpiderControl SCADA Webserver version 2.08 and prior versions, which can be exploited by an attacker with administrative privileges to overwrite files on a web server using t...

The vulnerability of the SpiderControl SCADA Web Server arises from an incorrect restriction on the path to the restricted access catalog. This allows a intruder to cause a service failure.

The vulnerability of the SpiderControl SCADA Web Server exists due to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to cause service failures...

SpiderControl SCADAWebServer

1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: SpiderControl Equipment: SCADAWebServer Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition 3. TECHNICAL DETAILS...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-173-02 Advantech R-SeeNet ICSA-23-173-03 SpiderControl SCADAWebServer ICSA-23-026-02...

iniNet SpiderControl SCADA WebServer Cross-Site Scripting Vulnerability

The iniNet SpiderControl SCADA WebServer is a SCADA system server from iniNet Solutions, Switzerland. A cross-site scripting vulnerability exists in iniNet SpiderControl SCADA WebServer versions prior to 2.03.0001. A remote attacker can exploit this vulnerability by sending a specially crafted UR...

SpiderControl SCADA WebServer

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SpiderControl Equipment: SCADA WebServer Vulnerability: Reflected Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute JavaScript...

Path traversal

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid...

CVE-2017-14010

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid...

CVE-2017-14010

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid...

CVE-2017-14010

SpiderControl MicroBrowser (touch panel operating system) is affected on Windows XP, Vista, 7, 8 and 10 for versions 1.6.30.144 and prior. The vulnerability is an uncontrolled search path element (CWE-427) that allows arbitrary code execution when a crafted DLL is loaded before the legitimate DLL...

CVE-2017-14010

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid...

The vulnerability of the SpiderControl SCADA Web Server, related to deficiencies in access control, allows a intruder to execute arbitrary code.

The vulnerability of the SpiderControl SCADA Web Server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to edit executable service files with elevated privileges and execute arbitrary code within the system services...