Lucene search
K

191 matches found

Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.3 views

PT-2023-4408 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations. User interaction is required, where the target must visit a malicious...

7.8CVSS6.6AI score0.00954EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2023/08/04 12:0 a.m.57 views

Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of certificate web directory. The issue...

5.3CVSS6.2AI score0.00539EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/04 12:0 a.m.18 views

Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getconfig endpoint. The issue results from the lack o...

5.3CVSS6.4AI score0.00926EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.4 views

PT-2023-4359 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is...

8.3CVSS7.9AI score0.01002EPSS
Exploits0References7
CNVD
CNVD
added 2023/06/12 12:0 a.m.5 views

Triangle MicroWorks SCADA Data Gateway WebMonitor Broadcasts Arbitrary Events Vulnerability

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. An arbitrary user broadcast event vulnerability exists in the Triangle MicroWorks SCADA Data Gateway WebMonitor, which can be exploited by a remote attacker to submit a special request that can...

5.3CVSS6.2AI score0.00593EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/06/09 12:0 a.m.8 views

The vulnerability of the executable file GTWWebMonitor.exe in the SCADA system SCADA Data Gateway allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the GTWWebMonitor.exe executable in the SCADA system SCADA Data Gateway is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute arbitrary code by sending specially crafted...

8.5CVSS8.1AI score0.00706EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/09 12:0 a.m.6 views

The vulnerability of the WebMonitor component in the SCADA system’s SCADA Data Gateway (SDG) allows a intruder to bypass authentication procedures and increase their privileges.

The vulnerability of the WebMonitor component in the SCADA system, specifically the SCADA Data Gateway SDG, is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an intruder to bypass the authentication procedures and enhance their privileges by...

5.3CVSS5.9AI score0.00593EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2023/06/08 12:0 a.m.2 views

Triangle MicroWorks SCADA Data Gateway Formatting String Error Vulnerability

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

9.8CVSS9.6AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2023/06/07 7:15 a.m.5 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS6.1AI score0.00593EPSS
Exploits0References1
NVD
NVD
added 2023/06/07 7:15 a.m.23 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS5.3AI score0.00593EPSS
Exploits0References1
NVD
NVD
added 2023/06/07 7:15 a.m.28 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

9.8CVSS9AI score0.00706EPSS
Exploits0References1
Prion
Prion
added 2023/06/07 7:15 a.m.16 views

Design/Logic Flaw

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5CVSS5.2AI score0.00593EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/07 7:15 a.m.15 views

Format string

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

7.5CVSS9.4AI score0.00706EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/07 6:42 a.m.48 views

CVE-2023-2187

CVE-2023-2187 affects Triangle MicroWorks’ SCADA Data Gateway (versions

5.3CVSS5.3AI score0.00593EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/07 6:42 a.m.27 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS5.6AI score0.00593EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/07 6:42 a.m.13 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS5.3AI score0.00593EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/07 6:37 a.m.31 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

8.2CVSS9.8AI score0.00706EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/07 6:37 a.m.10 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

8.2CVSS7.2AI score0.00706EPSS
Exploits0References1
CVE
CVE
added 2023/06/07 6:37 a.m.55 views

CVE-2023-2186

CVE-2023-2186 affects Triangle MicroWorks SCADA Data Gateway

9.8CVSS9.4AI score0.00706EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.7 views

Triangle MicroWorks SCADA Data Gateway 安全漏洞

Triangle Microworks Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle Microworks, Inc. A security vulnerability exists in Triangle MicroWorks SCADA Data Gateway v5.01.03 and earlier versions, which originates from an unauthenticated attacker being able to send a...

5.3CVSS5.7AI score0.00593EPSS
Exploits0References2
Rows per page
Query Builder