CVE-2025-31350

CVE-2025-31350 affects Siemens TeleControl Server Basic (versions before 3.1.2.2). A SQL injection in the internal UpdateBufferingSettings method allows an authenticated remote attacker to bypass authorization, read/write the application database, and execute code with NT AUTHORITY\NetworkService...

CVE-2025-31349

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

CVE-2025-31349

CVE-2025-31349 affects Siemens TeleControl Server Basic (versions before 3.1.2.2). The issue is a SQL injection in the internal UpdateSmtpSettings method that can bypass authorization, allowing an authenticated remote attacker to read/write the database and execute code with NT AUTHORITY\NetworkS...

CVE-2025-31343

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2025-31343

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVE-2025-31343

TeleControl Server Basic (versions before 3.1.2.2) is affected by an SQL injection via the internal UpdateTcmSettings method. An authenticated remote attacker who can reach port 8000 can bypass authorization, read/write the application database, and execute code with NT AUTHORITY\NetworkService p...

CVE-2025-30032

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-30032

CVE-2025-30032 affects Siemens TeleControl Server Basic (versions prior to 3.1.2.2). The vulnerability is a SQL injection in the internal UpdateDatabaseSettings method, allowing an authenticated remote attacker to bypass authorization, read/write the application database, and execute code with NT...

CVE-2025-30031

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

CVE-2025-30031

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

CVE-2025-30031

The CVE-2025-30031 entry concerns Siemens TeleControl Server Basic prior to v3.1.2.2, with a SQL injection in the internal UpdateUsers method. This can allow an authenticated remote attacker to bypass authorization, read/write the application’s database, and execute code with NT AUTHORITY\Network...

CVE-2025-30030

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-30030

Summary (CVE-2025-30030) : TeleControl Server Basic versions prior to 3.1.2.2 are affected by an SQL injection vulnerability in the internal ImportDatabase method. An authenticated remote attacker can bypass authorization, read/write the application database, and execute code with NT AUTHORITY\Ne...

CVE-2025-30030

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-30003

CVE-2025-30003 affects Siemens TeleControl Server Basic (versions

CVE-2025-30003

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-30003

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-30002

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rea...

CVE-2025-30002

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rea...

CVE-2025-30002

TeleControl Server Basic (versions before 3.1.2.2) has a SQL injection in UpdateConnectionVariables that can let an authenticated remote attacker bypass authorization, read/write the app DB, and run code as NT AUTHORITY\NetworkService. An exploit requires port 8000 access. Mitigation: upgrade to ...