Lucene search
K

3 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/06/16 12:0 a.m.3 views

Siemens TeleControl Server Basic UpdateTcmSettings SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS6.8AI score0.00648EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.5 views

The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring removed objects in telemetering and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring removed objects in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...

9CVSS6.7AI score0.00648EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateTcmSettings, which can be exploited by an attacker to bypass...

8.8CVSS8.4AI score0.00648EPSS
Exploits0References2
Rows per page
Query Builder