The vulnerability of the UnlockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UnlockSmtpSettings method in the software for managing and monitoring remote devices in telemetering and telemechanics systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass...

CVE-2025-32849

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockSmtpSettings, which can be exploited by an attacker to bypass authorization contro...