Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2023/08/15 4:44 p.m.29 views

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team SRT following a client engagement. The issues...

10CVSS8.5AI score0.01163EPSS
Exploits0
CVE
CVE
added 2023/07/18 5:21 p.m.55 views

CVE-2023-33871

CVE-2023-33871 affects Iagona ScrutisWeb, v2.1.37 and earlier. The vulnerability is a directory traversal that could allow an unauthenticated user to access files outside the webroot. The primary affected component is the web application layer; root cause is improper path restriction. Public disc...

7.5CVSS7.7AI score0.01163EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/18 5:21 p.m.24 views

CVE-2023-33871 Iagona ScrutisWeb Absolute Path Traversal

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot...

7.5CVSS7.8AI score0.01163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/18 5:21 p.m.12 views

CVE-2023-33871 Iagona ScrutisWeb Absolute Path Traversal

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot...

7.5CVSS7AI score0.01163EPSS
Exploits0References1
Rows per page
Query Builder