5 matches found
CVE-2021-43938
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...
Authorization
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...
CVE-2021-43938 Elcomplus SmartPTT SCADA Server Information Exposure
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...
CVE-2021-43937 Elcomplus SmartPTT SCADA Server Cross-site Request Forgery
Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request...
Elcomplus SmartPTT SCADA Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elcomplus Equipment: SmartPTT SCADA Server Vulnerabilities: Cross-site Scripting, Unauthorized Exposure to Sensitive Information, Unrestricted Upload of File with Dangerous Type, Path Traversal,...