EUVD-2018-8603

Malware in sbrugna...

CIMTechniques CIMScan SQL Code Execution Vulnerability

CIMTechniques CIMScan is a critical infrastructure monitoring system from CIMTechniques, Inc. The system can be used to detect temperature, humidity and other variables in infrastructure environments.SOAP WSDL parser is one of the SOAP WSDL Web Services Description Language parsers. CIMTechniques...

CVE-2018-16803

In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code...

CVE-2018-16803

In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code...

Code injection

In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code...

CVE-2018-16803

The CVE-2018-16803 entry applies to CIMTechniques CIMScan 6.x–6.2, where the SOAP WSDL parser is vulnerable to SQL code execution. Public details across connected documents corroborate a high-severity impact (NVD CVSS v3.0: 9.8, CRITICAL) with network attack vector and no user interaction require...

CVE-2018-16803

In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code...

U.S. Dept Of Defense: SOAP WSDL Parser SQL Code Execution

Summary: SOAP WSDL Parser SQL Code Execution Description: It was possible to parse WSDL resources and read all functions from the SOAP Admin Panel, therefor i was able to repeat the sql query with a tampered request with my own custom SQL command. i was able to extract all the database names for...