2 matches found
LAquis SCADA Web Server Command Injection (CVE-2018-18996)
A command injection vulnerability exists in LAquis SCADA. The vulnerability is due to improper handling of parameter submitted in requests. Successful exploitation results in the execution of arbitrary commands with the privileges of the web server process...
CVE-2018-18996
CVE-2018-18996 affects LCDS Laquis SCADA Web Server (LAquis SCADA) prior to 4.1.0.4150. The vulnerability arises from taking in user input without proper authorization or sanitation in the web server’s request handling (notably processing of calls to relatorionome.lhtml/NOME/TITULO elements), ena...