117 matches found
CVE-2026-10057
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2026-10058
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2026-10057 ITP Technology|ITS Intelligent SCADA System - Stored Cross-Site Scripting
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2026-10057 ITP Technology|ITS Intelligent SCADA System - Stored Cross-Site Scripting
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
EUVD-2026-33267
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2026-10057
CVE-2026-10057 affects the ITS Intelligent SCADA System from ITP Technology. The vulnerability is a Stored Cross-Site Scripting (XSS) issue that lets privileged remote attackers inject persistent JavaScript that runs in users’ browsers when a page loads. The available documents confirm the affect...
PT-2026-44763
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
PT-2026-44764
ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
PT-2026-43562
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can resu...
Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access
CVE-2026-1731 — BeyondTrust Remote Support & PRA Pre-auth RCE...
CVE-2026-7490
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
BeyondTrust RS 25.3.1 PRA/RS Mass Scanner
This Metasploit module is a safe auxiliary scanner for the Metasploit Framework designed to identify potentially vulnerable deployments of BeyondTrust Privileged Remote Access and BeyondTrust Remote Support that are susceptible to CVE-2026-1731...
Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access
BeyondTrust CVE-2026-1731 Scanner Professional Python scanner...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products to conduct a wide range of malicious actions, including deploying VShell and Spark RAT. The vulnerability, tracked as...
Vulnerability fixed in BeyondTrust Remote Support
BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan...
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability
BeyondTrust Remote Support RS and Privileged Remote Access PRAcontain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user. Successful exploitation requires no...
Exploit for CVE-2026-1731
CVE-2026-1731 BeyondTrust Remote Support Pre-Auth RCE PoC...
CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
Overview On February 6, 2026, BeyondTrust released security advisory BT26-02, disclosing a critical pre-authentication Remote Code Execution RCE vulnerability affecting its Remote Support RS and Privileged Remote Access PRA products. Assigned CVE-2026-1731 and a near-maximum CVSSv4 score of 9.9,...
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support RS and Privileged Remote Access PRA products that, if successfully exploited, could result in remote code execution. "BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access...