Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2023/08/15 4:44 p.m.29 views

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team SRT following a client engagement. The issues...

10CVSS8.5AI score0.01163EPSS
Exploits0
NVD
NVD
added 2023/07/18 6:15 p.m.16 views

CVE-2023-35189

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it...

10CVSS0.00907EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 6:15 p.m.3 views

CVE-2023-35189

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it...

9.8CVSS6AI score0.00907EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/18 5:12 p.m.18 views

CVE-2023-35189 Iagona ScrutisWeb Unrestricted Upload of File with Dangerous Type

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it...

10CVSS9.8AI score0.00907EPSS
Exploits0References1
CVE
CVE
added 2023/07/18 5:12 p.m.33 views

CVE-2023-35189

CVE-2023-35189 affects Iagona ScrutisWeb up to version 2.1.37. It is a remote code execution flaw caused by unrestricted upload of dangerous file types , permitting an unauthenticated attacker to upload and execute a payload. Consequences include high impact to confidentiality, integrity, and ava...

10CVSS9.7AI score0.00907EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder