Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ICS
ICSadded 2023/01/24 12:0 a.m.24 views

XINJE XD

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity/public exploits are available Vendor: XINJE Equipment: XINJE XD Programing Tool Vulnerabilities: Relative Path Traversal, Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.3CVSS8.2AI score0.00574EPSS
Exploits2References4
OSV
OSVadded 2022/05/11 3:15 p.m.1 views

CVE-2021-34606

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and...

7.3CVSS6AI score
Exploits0References1
Prion
Prionadded 2022/05/11 3:15 p.m.16 views

Design/Logic Flaw

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and...

6.9CVSS7.3AI score0.00051EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/05/11 3:15 p.m.11 views

Information disclosure

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an uplo...

6CVSS7.5AI score0.00574EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/05/11 2:25 p.m.15 views

CVE-2021-34606 XINJE XD/E Series PLC Program Tool DLL Hijacking

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and...

7.3CVSS7.5AI score0.00051EPSS
Exploits1References1
CVE
CVEadded 2022/05/11 2:25 p.m.61 views

CVE-2021-34606

CVE-2021-34606 affects XINJE XD/E Series PLC Program Tool up to version 3.5.1. The issue is due to an Uncontrolled Search Path Element (DLL hijacking) that could allow an authenticated, local attacker with file-write privileges to place a malicious DLL and cause arbitrary code execution with the ...

7.3CVSS7.3AI score0.00051EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/05/11 2:25 p.m.58 views

CVE-2021-34605

CVE-2021-34605 affects XINJE XD/E Series PLC Program Tool up to version 3.5.1. A zip-slip flaw in handling a crafted project file could grant arbitrary file write, potentially enabling remote code execution, information disclosure and DoS on the tool. Affected path includes opening a malicious pr...

7.3CVSS7.6AI score0.00574EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder