CVE-2025-32837

The provided connected documents confirm a SQL injection vulnerability in Siemens TeleControl Server Basic (all versions

CVE-2025-32836

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32836

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32836

Siemens TeleControl Server Basic (versions

CVE-2025-32835

Summary of technical details (CVE-2025-32835): Siemens TeleControl Server Basic (versions before 3.1.2.2) is affected by SQL injection via the internal UpdateConnectionVariableArchivingBuffering method. An authenticated remote attacker could bypass authorization, read/write the app’s database, an...

CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32834

CVE-2025-32834 affects Siemens TeleControl Server Basic (all versions

CVE-2025-32834

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariablesWithImport' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32834

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariablesWithImport' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32833

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32833

The CVE-2025-32833 entry concerns Siemens TeleControl Server Basic (pre-3.1.2.2). The vulnerability is an SQL injection in the internal UnlockProjectUserRights path (and related methods noted in advisories), enabling an authenticated remote attacker to bypass authorization, read/write the databas...

CVE-2025-32833

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32832

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

CVE-2025-32832

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

CVE-2025-32832

CVE-2025-32832 affects Siemens TeleControl Server Basic (versions

CVE-2025-32831

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32831

The CVE-2025-32831 flaw affects Siemens TeleControl Server Basic (versions prior to 3.1.2.2), with SQL injection via the internal UpdateProjectUserRights method. Attackers authenticated to the system could read/write the application DB and execute code with NT AUTHORITY\NetworkService permissions...

CVE-2025-32831

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32830

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...