3452 matches found
CVE-2025-67653 Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files...
CVE-2025-67653 Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files...
CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...
CVE-2025-14848 Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...
CVE-2025-14848
Advantech WebAccess/SCADA is affected by an absolute directory traversal vulnerability that may allow an attacker to determine the existence of arbitrary files. Affected product: Advantech WebAccess/SCADA. Root cause: absolute path traversal leading to potential information disclosure. Impact: al...
CVE-2025-14849 Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...
CVE-2025-14849 Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...
CVE-2025-14849
CVE-2025-14849 affects Advantech WebAccess/SCADA. The vulnerability is an unrestricted file upload that could allow remote code execution. Public details in the provided documents do not specify affected versions or a patch; exploitation details are not disclosed.
CVE-2025-13911
CVE-2025-13911 affects Inductive Automation Ignition SCADA, where Python scripting is used for automation. The root cause is insufficient controls on which Python libraries can be imported/executed within the scripting environment, paired with an Ignition service account that has system-level Win...
PT-2025-52337
Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a SQL injection issue. Successful exploitation could allow an attacker to execute arbitrary SQL commands. Recommendations At the...
Advantech WebAccess/SCADA 路径遍历漏洞
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...
PT-2025-52334
Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to an absolute directory traversal issue. This flaw could allow an attacker to identify the existence of arbitrary files...
Advantech WebAccess/SCADA SQL注入漏洞
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in...
Advantech WebAccess/SCADA 路径遍历漏洞
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A directory traversal vulnerability exists in...
PT-2025-52336
Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA affected versions not specified Description Advantech WebAccess/SCADA is susceptible to a directory traversal issue. This could allow an attacker to delete arbitrary files. Recommendations At the moment, there is no...
PT-2025-52333
Name of the Vulnerable Software and Affected Versions Ignition SCADA applications affected versions not specified Description The issue concerns Ignition SCADA applications utilizing Python scripting for automation. A lack of security controls regarding Python library imports and execution allows...
OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability
OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via viewedit.shtm...
CVE-2025-13791
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is...
CVE-2025-13790
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure...
CVE-2025-13791
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is...