The vulnerability of the Taserver web service on the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 allows a perpetrator to execute arbitrary code.

The vulnerability of the TAserver web service for the TeNIX programmable logic controllers MFC1500 and MFC3000 lies in the lack of name filtering when generating a 404 HTTP error page. As a result, the name of the non-existent web page is passed unchanged to the generated error page. Exploiting...

The vulnerability of the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 allows a hacker to gain full access to the system.

The vulnerability of the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 is related to the use of a default weak password for the root account, information about which is not available in the documentation. Exploiting this vulnerability could allow an attacker,...

Rockwell Automation MicroLogix Detection Consolidation

Consolidation of Rockwell Automation MicroLogix detections. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

NA300 PLC has a logic design flaw

The NA300 PLC is a mid-size programmable controller. A logic design vulnerability exists in the NA300 PLC. An attacker can illegally read the internal logic program of the PLC by constructing specific packets...

NA300 PLC has an unauthorized operation vulnerability

The NA300 PLC is a mid-size programmable controller. An unauthorized operation vulnerability exists in the NA300 PLC. An attacker can exploit the vulnerability to remotely tamper with the MAIN program in the PLC...

Unauthorized operation vulnerability in NA300 PLC (CNVD-2018-26208)

The NA300 PLC is a mid-size programmable controller. An unauthorized operation vulnerability exists in the NA300 PLC. An attacker can exploit the vulnerability to remotely tamper with system inputs and outputs, variable values, etc...

NA300 PLC has information leakage vulnerability

The NA300 PLC is a mid-size programmable controller. An information disclosure vulnerability exists in the NA300 PLC. An attacker can exploit the vulnerability to disclose the PLC ftp service account and password...

Weak password vulnerability in NA300 PLC

The NA300 PLC is a mid-size programmable controller. A weak password vulnerability exists in the NNA300 PLC. An attacker could gain full control of the PLC through this vulnerability...

Buffer Overflow Vulnerability in NA300 PLCs

The NA300 PLC is a mid-size programmable controller. A buffer overflow vulnerability exists in the NA300 PLC. The vulnerability stems from et failing to properly handle functions. An attacker can overwrite the return address by constructing a variable length that exceeds variable v30...

Command Injection Vulnerability in NA300 PLC

The NA300 PLC is a mid-size programmable controller. A command injection vulnerability exists in the NA300 PLC. The vulnerability stems from the failure of the system's ehtdbg program to properly handle input parameters, which allows an attacker to bypass checks and inject commands via constructe...

Delta WPLSoft suffers from a buffer overflow vulnerability

WPLSoft is a plc programming tool. A buffer overflow vulnerability exists in Delta WPLSoft. An attacker can construct malformed data to cause the software to crash...

Micronet INplc-RT Buffer Overflow Vulnerability

Micronet INplc-RT is a software-defined PLC Programmable Logic Controller from Micronet Japan. A buffer overflow vulnerability exists in Micronet INplc-RT version 3.08 and earlier. A remote attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code...

The vulnerability of microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers arises from deficiencies in the authentication process, which allows attackers to bypass the authentication procedures.

The vulnerability of the microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers is due to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to bypass the authentication process remotely...

The vulnerability of microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers is caused by access control errors, which allow attackers to decode passwords.

The vulnerability of the microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers is caused by access control errors. Exploiting this vulnerability could allow an attacker to decode passwords using a rainbow table...

The vulnerability of the microprogrammed software of Schneider Electric Modicon M221, caused by errors in handling exceptional states, allows a intruder to perform a system reboot.

The vulnerability of the microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers arises due to errors in handling exceptional states. Exploiting this vulnerability can allow an attacker to remotely perform a system reboot...

CVE-2018-7790

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a...

Schneider Electric Modicon M221 Authentication Sequence Replay Vulnerability

The Modicon M221 is a logic controller from Schneider Electric. The Schneider Electric Modicon M221 suffers from an authentication sequence replay vulnerability that can be exploited by an attacker to replay the authentication sequence, which can be used to connect to the Modicon M221 and upload...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-18910)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A denial of service vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause a denial of service in the PLC by unauthorized construction of specific...

Remote Control Vulnerability in HOLLYWOOD LE5109L PLCs

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A remote control vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause the PLC to be remotely controlled by constructing specific private protocol...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-18909)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A denial of service vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause a denial of service in the PLC by constructing specific private protocol...