Lucene search
K

85 matches found

0day.today
0day.today
added 2017/11/01 12:0 a.m.70 views

SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management Vulnerability

SpiderControl SCADA Web Server versions 2.02.0007 and below suffer from an improper privilege management vulnerability. Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Improper Privilege Management Advisory URL...

7.2CVSS7.6AI score0.00388EPSS
Exploits2
Packet Storm
Packet Storm
added 2017/10/31 12:0 a.m.69 views

SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management

Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Improper Privilege Management Advisory URL https://ipositivesecurity.com/2017/10/28/ics-spidercontrol-scada-web-server-improper-privilege-management-vulnerability/ ICS-CERT Advisory...

7.6AI score0.00388EPSS
Exploits2
CNVD
CNVD
added 2017/10/23 12:0 a.m.5 views

SpiderControl MicroBrowser Arbitrary Code Execution Vulnerability

MicroBrowser is a touch screen operating system. An arbitrary code execution vulnerability exists in SpiderControl MicroBrowser, which allows an attacker to execute arbitrary code on the system by placing a specially crafted DLL file in the search path...

7.8CVSS8.1AI score0.02009EPSS
Exploits0References1
ICS
ICS
added 2017/10/19 12:0 a.m.45 views

SpiderControl MicroBrowser

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: SpiderControl Equipment: MicroBrowser Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of SpiderControl MicroBrowser, a touch panel operating system, are affected: MicroBrowser...

7.8CVSS7.9AI score0.02009EPSS
Exploits0References3
OSV
OSV
added 2017/10/05 1:29 a.m.9 views

CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...

7.8CVSS6.1AI score0.00388EPSS
Exploits2References2
NVD
NVD
added 2017/10/05 1:29 a.m.25 views

CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...

7.8CVSS7.8AI score0.00388EPSS
Exploits2References2
Prion
Prion
added 2017/10/05 1:29 a.m.16 views

Input validation

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...

7.2CVSS7.8AI score0.00388EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2017/10/04 7:0 a.m.52 views

CVE-2017-12728

SpiderControl SCADA Web Server is affected: Version 2.02.0007 and earlier suffer from improper privilege management (CWE-269). Authenticated, non-administrative local users can modify the service executable with escalated privileges, potentially enabling arbitrary code execution in the context of...

7.8CVSS7.8AI score0.00388EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2017/10/04 7:0 a.m.26 views

CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...

7.8AI score0.00388EPSS
Exploits2References2
CNVD
CNVD
added 2017/09/08 12:0 a.m.6 views

SpiderControl SCADA Web Server Elevation of Privilege Vulnerability

SCADA Web Server is a software management platform. An elevation of privilege vulnerability exists in SpiderControl SCADA Web Server. An authenticated, non-administrative local user could change the service executable with elevated privileges, allowing an attacker to execute arbitrary code in the...

7.8CVSS7.8AI score0.00388EPSS
Exploits2References1
ICS
ICS
added 2017/09/07 12:0 a.m.46 views

SpiderControl SCADA Web Server

CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Improper Privilege Management AFFECTED PRODUCTS The following versions of SCADA Web Server, a software management platform, are affected: SCADA Web Server Version 2.02.0007 and prior...

7.8CVSS7.9AI score0.00388EPSS
Exploits2References3
OSV
OSV
added 2017/08/25 7:29 p.m.6 views

CVE-2017-12707

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow...

9.8CVSS5.8AI score0.02612EPSS
Exploits0References2
NVD
NVD
added 2017/08/25 7:29 p.m.17 views

CVE-2017-12707

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow...

9.8CVSS9.4AI score0.02612EPSS
Exploits0References2
Prion
Prion
added 2017/08/25 7:29 p.m.14 views

Directory traversal

A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files...

5CVSS7.4AI score0.03842EPSS
Exploits0References2
NVD
NVD
added 2017/08/25 7:29 p.m.23 views

CVE-2017-12694

A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files...

7.5CVSS7.4AI score0.03842EPSS
Exploits0References2
Prion
Prion
added 2017/08/25 7:29 p.m.13 views

Stack overflow

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow...

7.5CVSS9.3AI score0.02612EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/25 7:0 p.m.49 views

CVE-2017-12707

SpiderControl SCADA MicroBrowser suffers a stack-based buffer overflow (CVE-2017-12707) in the handling of StaticHTMLTagsFileName, affecting versions 1.6.30.144 and earlier. The flaw arises from insufficient validation of user-supplied data before copying into a fixed-length stack buffer, enablin...

9.8CVSS9.3AI score0.02612EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/25 7:0 p.m.15 views

CVE-2017-12707

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow...

9.3AI score0.02612EPSS
Exploits0References2
CVE
CVE
added 2017/08/25 7:0 p.m.53 views

CVE-2017-12694

The CVE-2017-12694 entry describes a Directory Traversal vulnerability in SpiderControl SCADA Web Server. Affected software is the SpiderControl SCADA Web Server; the flaw allows an attacker to perform a path traversal via a simple GET request to access system files. Impact is read access to rest...

7.5CVSS7.4AI score0.03842EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/25 7:0 p.m.18 views

CVE-2017-12694

A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files...

7.4AI score0.03842EPSS
Exploits0References2
Rows per page
Query Builder