Lucene search
K

711 matches found

CVE
CVE
added 2025/04/16 5:37 p.m.55 views

CVE-2025-29905

CVE-2025-29905 affects Siemens TeleControl Server Basic (versions

8.8CVSS8.8AI score0.00712EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/16 5:37 p.m.6 views

CVE-2025-29905

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.8CVSS8.8AI score0.00712EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 5:37 p.m.20 views

CVE-2025-29905

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.8CVSS0.00712EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 5:37 p.m.5 views

CVE-2025-27540

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS8.1AI score0.00807EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:37 p.m.55 views

CVE-2025-27540

TeleControl Server Basic is affected by a SQL injection in the internal Authenticate method for all versions prior to 3.1.2.2. The flaw can allow an unauthenticated remote attacker to bypass authorization, read/write the database, and potentially execute code with NT AUTHORITY\NetworkService权限, r...

9.8CVSS8.4AI score0.00807EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/16 5:37 p.m.13 views

CVE-2025-27540

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS0.00807EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 5:37 p.m.5 views

CVE-2025-27539

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS8.1AI score0.00807EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:37 p.m.55 views

CVE-2025-27539

TeleControl Server Basic (all versions

9.8CVSS9.7AI score0.00807EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/16 5:37 p.m.12 views

CVE-2025-27539

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS0.00807EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 5:37 p.m.10 views

CVE-2025-27495

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS0.00807EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 5:37 p.m.4 views

CVE-2025-27495

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

9.8CVSS8.1AI score0.00807EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:37 p.m.62 views

CVE-2025-27495

CVE-2025-27495 affects Siemens TeleControl Server Basic (all versions

9.8CVSS8.4AI score0.00807EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.6 views

PT-2025-16847 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.00604EPSS
Exploits0References5
CNVD
CNVD
added 2025/04/16 12:0 a.m.3 views

Multiple SQL Injection Vulnerabilities in Siemens TeleControl Server Basic

TeleControl Server Basic is Siemens' software for the TeleControl Basic control center, which allows remote monitoring and control of devices via WAN/LAN. Siemens TeleControl Server Basic versions prior to v3.1.2.2 contain multiple SQL injection vulnerabilities that can be exploited by an attacke...

8.6AI score
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to cause remote code execution...

9.8CVSS8.9AI score0.00807EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.6 views

PT-2025-16857 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used LockBufferingSettings method. This could allow an authenticated remote...

9CVSS7.4AI score0.0049EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.5 views

PT-2025-16839 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.00604EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.6 views

PT-2025-16852 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.00525EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.5 views

PT-2025-16872 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

9CVSS7.5AI score0.00525EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetProjects, which can be exploited by an attacker to bypass...

8.8CVSS8.4AI score0.00604EPSS
Exploits0References2
Rows per page
Query Builder