CVE-2025-32838

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rea...

CVE-2025-32837

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetActiveConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to...

CVE-2025-32837

The provided connected documents confirm a SQL injection vulnerability in Siemens TeleControl Server Basic (all versions

CVE-2025-32836

Siemens TeleControl Server Basic (versions

CVE-2025-32835

Summary of technical details (CVE-2025-32835): Siemens TeleControl Server Basic (versions before 3.1.2.2) is affected by SQL injection via the internal UpdateConnectionVariableArchivingBuffering method. An authenticated remote attacker could bypass authorization, read/write the app’s database, an...

CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32833

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32833

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32832

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

CVE-2025-32830

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32830

The CVE-2025-32830 issue affects TeleControl Server Basic (versions

CVE-2025-32830

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32829

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockProjectCrossCommunications' method. This could allow an authenticated remote attacker to bypass authorization controls, t...

CVE-2025-32828

CVE-2025-32828 affects Siemens TeleControl Server Basic (all versions

CVE-2025-32827

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ActivateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32827

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ActivateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32826

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetActiveProjects' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2025-32825

Vulnerability summary: TeleControl Server Basic (Siemens) versions prior to 3.1.2.2 suffer an SQL injection in the internal GetProjects method. This can let an authenticated remote attacker bypass authorization, read/write the database, and execute code with NT AUTHORITY\NetworkService permission...

CVE-2025-32824

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32823

TeleControl Server Basic prior to v3.1.2.2 is affected by a SQL injection in the LockProject method, enabling an authenticated remote attacker to bypass authorization and read/write the database, and potentially execute code with NT AUTHORITY\NetworkService privileges. Exploitation requires acces...