2 matches found
CVE-2026-9645 ScadaBR Authenticated Remote Code Execution
Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...
The system’s vulnerability regarding data collection and automation process control in ScadaBR, related to unlimited loading of dangerous type files, allows a intruder to execute arbitrary code.
The vulnerability of the ScadaBR system for data collection and automation process control is related to the unlimited loading of dangerous type files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file named viewedit.shtm...