6 matches found
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
CVE-2024-8525
CVE-2024-8525 affects Automated Logic WebCTRL 7.0 (Premium Server). The issue is an unrestricted upload of a file with a dangerous type that an unauthenticated attacker can exploit via a crafted HTTP POST to achieve remote command execution and upload of a malicious file. Multiple connected sourc...
CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2024-8525
creationtimestamp| type| source ---|---|--- 2024-11-21 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-01 2024-11-21 15:34:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113521672720175626...