Lucene search
+L

183 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/08/04 12:0 a.m.25 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to the lack of user authentication. The issue results from missing...

9.8CVSS7.6AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/04 12:0 a.m.18 views

Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getconfig endpoint. The issue results from the lack o...

5.3CVSS6.4AI score0.00926EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.7 views

PT-2023-4360 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: The issue is related to incorrect restriction of a directory path with limited access. This can be exploited by a remote attacker to execute arbitrary code in...

8.3CVSS7.6AI score0.02854EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2023/08/04 12:0 a.m.26 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability

This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS7.3AI score0.01215EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.7 views

The vulnerability of .NET components in the communication protocol library for connecting components of ASU TP Triangle MicroWorks DNP3 Source Code Library, a control platform for managing public distribution and transmission networks of Schneider Electric Saitel DR RTU, allows a intruder to cause a service failure.

The vulnerability of .NET components in the communication protocol library used for connecting components of ASU systems like Triangle MicroWorks DNP3 Source Code Library in Schneider Electric Saitel DR RTU control platforms lies in the fact that the operation results are stored outside of the...

6.5CVSS8AI score0.01349EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2023/06/12 12:0 a.m.6 views

Triangle MicroWorks SCADA Data Gateway WebMonitor Broadcasts Arbitrary Events Vulnerability

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. An arbitrary user broadcast event vulnerability exists in the Triangle MicroWorks SCADA Data Gateway WebMonitor, which can be exploited by a remote attacker to submit a special request that can...

5.3CVSS6.2AI score0.00593EPSS
Exploits0
CNVD
CNVD
added 2023/06/08 12:0 a.m.2 views

Triangle MicroWorks SCADA Data Gateway Formatting String Error Vulnerability

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

9.8CVSS9.6AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2023/06/07 7:15 a.m.6 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

9.8CVSS5.8AI score0.00706EPSS
Exploits0References1
NVD
NVD
added 2023/06/07 7:15 a.m.30 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

9.8CVSS9AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2023/06/07 7:15 a.m.7 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS6.1AI score0.00593EPSS
Exploits0References1
Prion
Prion
added 2023/06/07 7:15 a.m.16 views

Format string

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

7.5CVSS9.4AI score0.00706EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/07 6:42 a.m.14 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS5.3AI score0.00593EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/07 6:42 a.m.30 views

CVE-2023-2187

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...

5.3CVSS5.6AI score0.00593EPSS
Exploits0References1
CVE
CVE
added 2023/06/07 6:42 a.m.51 views

CVE-2023-2187

CVE-2023-2187 affects Triangle MicroWorks’ SCADA Data Gateway (versions

5.3CVSS5.3AI score0.00593EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/07 6:37 a.m.56 views

CVE-2023-2186

CVE-2023-2186 affects Triangle MicroWorks SCADA Data Gateway

9.8CVSS9.4AI score0.00706EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.7 views

Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

9.8CVSS7.8AI score0.00706EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.9 views

Triangle MicroWorks SCADA Data Gateway 安全漏洞

Triangle Microworks Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle Microworks, Inc. A security vulnerability exists in Triangle MicroWorks SCADA Data Gateway v5.01.03 and earlier versions, which originates from an unauthenticated attacker being able to send a...

5.3CVSS5.7AI score0.00593EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/29 12:0 a.m.7 views

PT-2023-3043 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the use of uncontrolled format strings in the GTWWebMonitor.exe executable file of the SCADA Data Gateway system. An unauthenticated attacker can...

9.8CVSS9.2AI score0.00706EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.5 views

PT-2023-5841 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to write arbitrary files on affected installations, potentially enabling them to execute code in the context of root. The...

6.2CVSS7.4AI score0.01028EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.8 views

PT-2023-5840 · Triangle Microworks · Triangle Microworks Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. The specific flaw...

5.3CVSS7.3AI score0.00247EPSS
Exploits0References8
Rows per page
Query Builder