Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12968

Malware in sbrugna...

7.5CVSS7.6AI score0.01592EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 a.m.9 views

CVE-2018-20410

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer AEserver.exe service listening on TCP port 12401...

7.5CVSS7.1AI score0.01592EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.201 views

7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule '7-Technologies IGSS 9 IGSSdataServer.exe DoS', 'Description' = %q The 7-Technologies SCADA IGSS Data Server IGSSdataServer.exe 'jfa', Metasploit...

5CVSS7AI score0.21149EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/03/23 12:0 a.m.7 views

The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports allows a perpetrator to execute arbitrary code.

The vulnerability of the IGSSdataServer.exe executable of the SCADA system’s data server, the DashBoard.exe executable of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to insufficient verification of data authenticity. Exploiting this vulnerability...

10CVSS8AI score0.00403EPSS
Exploits0References4Affected Software3
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.23 views

Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issu...

8.1CVSS8.4AI score0.00403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.24 views

Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issu...

8.1CVSS8.4AI score0.00881EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.24 views

Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by...

6.5CVSS7.5AI score0.00242EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.20 views

Schneider Electric IGSSdataServer Exposed Dangerous Function Data Deletion Vulnerability

This vulnerability allows remote attackers to delete application-level data on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. T...

6.5CVSS5.7AI score0.00437EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.34 views

Schneider Electric IGSS Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by...

7.5CVSS7.3AI score0.19255EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.24 views

Schneider Electric IGSS IGSSDataServer Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issu...

9.8CVSS9.4AI score0.44559EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.18 views

Schneider Electric IGSS Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default...

5.3CVSS7.4AI score0.01206EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.40 views

Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issu...

9.8CVSS9.4AI score0.03505EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.40 views

Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issu...

9.8CVSS9.4AI score0.03463EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/02/11 12:0 a.m.14 views

Schneider Electric IGSS IGSSdataServer Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default...

5.3CVSS7.5AI score0.01273EPSS
Exploits0References2
Prion
Prion
added 2018/12/24 2:29 a.m.20 views

Stack overflow

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer AEserver.exe service listening on TCP port 12401...

5CVSS7.6AI score0.01592EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/12/24 2:29 a.m.4 views

CVE-2018-20410

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer AEserver.exe service listening on TCP port 12401...

7.5CVSS6.3AI score0.01592EPSS
Exploits1References2
CNVD
CNVD
added 2018/12/24 12:0 a.m.3 views

WellinTech KingSCADA stack buffer overflow vulnerability (CNVD-2019-04902)

WellinTech KingSCADA is a set of cross-platform SCADA system software from China Asian Control WellinTech Company. The software features modeling applications, remote centralized management and deployment, simultaneous development by multiple people, data acquisition and processing. A stack buffe...

7.5CVSS7.4AI score0.01592EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2017/09/15 12:0 a.m.58 views

KingScada AlarmServer 3.1.2.13 Buffer Overflow

require 'msf/core' class MetasploitModule 'KingScada AlarmServer Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in KingScada 'James Fitts' , 'License' = MSFLICENSE, 'References' = 'CVE', '2014-0787' , 'ZDI', '14-071' , 'URL',...

10CVSS1.6AI score0.1602EPSS
Exploits5
exploitpack
exploitpack
added 2017/09/14 12:0 a.m.27 views

KingScada AlarmServer 3.1.2.13 - Remote Stack Buffer Overflow (Metasploit)

KingScada AlarmServer 3.1.2.13 - Remote Stack Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'KingScada AlarmServer Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in KingScada 'James Fitts' , 'License' = MSFLICENSE,...

1.3AI score0.1602EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities

No description provided by source. $Id: igss9misc.rb 12779 2011-05-31 14:33:19Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score
Exploits0
Rows per page
Query Builder