Lucene search
K

6 matches found

Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.27 views

LAquis SCADA Web Server Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the product's webserver. The product contains...

7.5CVSS1.6AI score0.02375EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.16 views

LAquis SCADA LGX Report MemoryReadWord Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5CVSS1.3AI score0.02572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.20 views

LAquis SCADA LGX Report File Open Path Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5CVSS1.2AI score0.02572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.15 views

LAquis SCADA LGX Report MemoryReadLong Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5CVSS1.3AI score0.02572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.25 views

LAquis SCADA Web Server relatorioindividual TITULO Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorioindividual.lhtml. When parsing the TITULO...

7.5CVSS4.3AI score0.01984EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/01/19 12:0 a.m.26 views

LAquis SCADA Web Server relatorionome TAG Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorionome.lhtml. When parsing the TAG Element, th...

7.5CVSS3.9AI score0.02462EPSS
Exploits0References1
Rows per page
Query Builder