82 matches found
CVE-2026-8602
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
CVE-2026-8604
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
CVE-2026-9646
CVE-2026-9646 describes a reflected cross-site scripting issue in URL handling affecting ScadaBR (Unauthenticated). Root cause: insufficient sanitization/validation of URL input leading to reflected script execution. Impact: low confidentiality and integrity impact; no availability impact reporte...
CVE-2026-9646 ScadaBR Unauthenticated Reflected Cross-Site Scripting
A reflected cross-site scripting issue exists in URL handling...
CVE-2026-9645 ScadaBR Authenticated Remote Code Execution
Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...
CVE-2026-9645
Technical details about CVE-2026-9645 are not publicly available in the provided documents. No explicit affected product/version or root cause is disclosed here. Monitor for updates from the sources.
Sensorweb ScadaBR 安全漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation, designed for developing automated data acquisition and monitoring applications. Sensorweb ScadaBR has a security vulnerability, which stems from a reflection-type cross-site scripting issue in URL processing...
Sensorweb ScadaBR 安全漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation, designed for developing automated data acquisition and monitoring applications. There is a security vulnerability in Sensorweb ScadaBR. This vulnerability stems from an exposed method that allows authenticated...
CVE-2026-8604
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
CVE-2026-8605
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
EUVD-2026-30963
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
CVE-2026-8605 Use of Hard-coded Credentials in ScadaBR
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
CVE-2026-8604 Cross-Site request forgery (CSRF) in ScadaBR
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
CVE-2026-8604 Cross-Site request forgery (CSRF) in ScadaBR
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
CVE-2026-8604
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
EUVD-2026-30959
In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...
CVE-2026-8603 Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...
CVE-2026-8602 Missing authentication for critical function in ScadaBR
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
CVE-2026-8602
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
Sensorweb ScadaBR 信任管理问题漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version ScadaBR 1.2.0 contains a vulnerability related to trust management. This vulnerability arises from the use of hard-coded credentials,...