3 matches found
CVE-2019-6579
A vulnerability has been identified in Spectrum Power 4 with Web Office Portal. An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker wi...
CVE-2019-6579
Siemens Spectrum Power 4 with Web Office Portal is affected by CVE-2019-6579 (Improper Neutralization of Special Elements Used in a Command). An unauthenticated attacker with network access to the web server on port 80/443 can execute system commands with administrative privileges, potentially co...
ICSA-19-099-02 Siemens Spectrum Power 4.7
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 4.7 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific...