183 matches found
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to the lack of user authentication. The issue results from missing...
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getconfig endpoint. The issue results from the lack o...
PT-2023-4360 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: The issue is related to incorrect restriction of a directory path with limited access. This can be exploited by a remote attacker to execute arbitrary code in...
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability
This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
The vulnerability of .NET components in the communication protocol library for connecting components of ASU TP Triangle MicroWorks DNP3 Source Code Library, a control platform for managing public distribution and transmission networks of Schneider Electric Saitel DR RTU, allows a intruder to cause a service failure.
The vulnerability of .NET components in the communication protocol library used for connecting components of ASU systems like Triangle MicroWorks DNP3 Source Code Library in Schneider Electric Saitel DR RTU control platforms lies in the fact that the operation results are stored outside of the...
Triangle MicroWorks SCADA Data Gateway WebMonitor Broadcasts Arbitrary Events Vulnerability
Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. An arbitrary user broadcast event vulnerability exists in the Triangle MicroWorks SCADA Data Gateway WebMonitor, which can be exploited by a remote attacker to submit a special request that can...
Triangle MicroWorks SCADA Data Gateway Formatting String Error Vulnerability
Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...
CVE-2023-2186
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...
CVE-2023-2186
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...
CVE-2023-2187
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...
Format string
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...
CVE-2023-2187
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...
CVE-2023-2187
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event"...
CVE-2023-2187
CVE-2023-2187 affects Triangle MicroWorks’ SCADA Data Gateway (versions
CVE-2023-2186
CVE-2023-2186 affects Triangle MicroWorks SCADA Data Gateway
Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞
Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...
Triangle MicroWorks SCADA Data Gateway 安全漏洞
Triangle Microworks Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle Microworks, Inc. A security vulnerability exists in Triangle MicroWorks SCADA Data Gateway v5.01.03 and earlier versions, which originates from an unauthenticated attacker being able to send a...
PT-2023-3043 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks' SCADA Data Gateway version = v5.01.03 Description: The issue is related to the use of uncontrolled format strings in the GTWWebMonitor.exe executable file of the SCADA Data Gateway system. An unauthenticated attacker can...
PT-2023-5841 · Triangle Microworks · Triangle Microworks Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to write arbitrary files on affected installations, potentially enabling them to execute code in the context of root. The...
PT-2023-5840 · Triangle Microworks · Triangle Microworks Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. The specific flaw...