CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

182 matches found

Vulnrichment•added 2024/05/03 1:59 a.m.•19 views

CVE-2023-39464 Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability

Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this...

7.2CVSS8.1AI score0.01577EPSS

Exploits0References2

CVE•added 2024/05/03 1:59 a.m.•49 views

CVE-2023-39464

The CVE-2023-39464 entry describes a remote code execution vulnerability in Triangle MicroWorks SCADA Data Gateway related to an unquoted path in the GTWWebMonitorService executable. The flaw’s root cause is the service path containing spaces not surrounded by quotation marks, enabling an attacke...

7.2CVSS7.5AI score0.01577EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/03 1:59 a.m.•27 views

CVE-2023-39464 Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability

7.2CVSS7.7AI score0.01577EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•13 views

CVE-2023-39463 Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability

Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is requir...

7.2CVSS8.1AI score0.01002EPSS

Exploits0References2

Cvelist•added 2024/05/03 1:59 a.m.•20 views

CVE-2023-39463 Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability

7.2CVSS7.7AI score0.01002EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•10 views

CVE-2023-39462 Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability

Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the...

6.5CVSS7.4AI score0.01215EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•18 views

CVE-2023-39461 Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability

Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required...

4.4CVSS7.2AI score0.01028EPSS

Exploits0References2

Cvelist•added 2024/05/03 1:59 a.m.•18 views

CVE-2023-39461 Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability

4.4CVSS5.3AI score0.01028EPSS

Exploits0References2

Cvelist•added 2024/05/03 1:59 a.m.•20 views

CVE-2023-39462 Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability

6.5CVSS7AI score0.01215EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•13 views

CVE-2023-39460 Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability

Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this...

7.2CVSS7.1AI score0.02854EPSS

Exploits0References2

Cvelist•added 2024/05/03 1:59 a.m.•20 views

CVE-2023-39460 Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability

7.2CVSS7.3AI score0.02854EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•12 views

CVE-2023-39459 Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability

Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is required to exploit this vulnerability in...

7.8CVSS6.4AI score0.00954EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 1:59 a.m.•21 views

CVE-2023-39457 Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability

Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw...

9.8CVSS7.8AI score0.01623EPSS

Exploits0References2

CVE•added 2024/05/03 1:59 a.m.•56 views

CVE-2023-39458

Triangle MicroWorks SCADA Data Gateway contains a hard-coded default SSL certificate, allowing authentication bypass for network-adjacent attackers. The flaw is in certificate handling, enabling bypass of authentication on affected installations without required user interaction. Documents consis...

5.3CVSS5.4AI score0.00247EPSS

Exploits0References2Affected Software1