CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32834

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariablesWithImport' method. This could allow an authenticated remote attacker to bypass authorization...

CVE-2025-32833

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32831

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectUserRights' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32830

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32828

CVE-2025-32828 affects Siemens TeleControl Server Basic (all versions

CVE-2025-32828

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectCrossCommunications' method. This could allow an authenticated remote attacker to bypass authorization controls,...

CVE-2025-32828

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectCrossCommunications' method. This could allow an authenticated remote attacker to bypass authorization controls,...

CVE-2025-32827

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ActivateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32827

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ActivateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32825

Vulnerability summary: TeleControl Server Basic (Siemens) versions prior to 3.1.2.2 suffer an SQL injection in the internal GetProjects method. This can let an authenticated remote attacker bypass authorization, read/write the database, and execute code with NT AUTHORITY\NetworkService permission...

CVE-2025-32824

CVE-2025-32824 affects Siemens TeleControl Server Basic up to version V3.1.2.2. The vulnerability is a SQL injection in the internal UnlockProject method, allowing an authenticated remote attacker to bypass authorization, read/write the database, and potentially execute code with NT AUTHORITY\Net...

CVE-2025-32822

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'DeleteProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32822

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'DeleteProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-32475

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-31352

TeleControl Server Basic (versions

CVE-2025-31352

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-31351

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVE-2025-31351

CVE-2025-31351 affects Siemens TeleControl Server Basic (all versions

CVE-2025-31350

CVE-2025-31350 affects Siemens TeleControl Server Basic (versions before 3.1.2.2). A SQL injection in the internal UpdateBufferingSettings method allows an authenticated remote attacker to bypass authorization, read/write the application database, and execute code with NT AUTHORITY\NetworkService...