47 matches found
CVE-2022-29951
JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...
Siemens S7-1200 - Unauthenticated Start / Stop Command Vulnerability
Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -H $'Host: ' -H...
Siemens S7-1200 - Unauthenticated Start/Stop Command
Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Date: 09/03/2022 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -...
CVE-2021-38481
The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string...
Spoofing
The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string...
PT-2021-7667 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier Description: The issue is related to the use of hard-coded credentials in Adobe ColdFusion, which could result in application denial-of-service by gaining access to...
CVE-2020-10049
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The start-stop scripts for the services of the affected application could allow a local attacker to include arbitrary commands that are executed when services are started or stopped interactively by system...
Opto 22 SoftPAC Project Access Control Error Vulnerability
Opto 22 SoftPAC Project is an automation software suite from Opto 22 USA. The product is capable of providing industrial automation, process control, building automation, remote monitoring, data acquisition and industrial IoT. An Access Control Error vulnerability exists in Opto 22 SoftPAC Projec...
ICSA-20-063-02_PHOENIX CONTACT Emalytics Controller ILC
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: Emalytics Controller ILC 2050 BIL Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability...
CVE-2019-5013
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this...
Siemens SIMATIC S7-300 PLC Privilege Bypass Vulnerability
The Siemens SIMATIC S7-300 CPU is a modular general-purpose controller from Siemens for the manufacturing industry. The Siemens SIMATIC S7-300 PLC module is vulnerable to an unauthorized, execute CPU attack via privilege bypass. An attacker can construct special application layer data messages th...
Privilege Bypass Vulnerability in Schneider Electric P3420 PLC Module
Schneider Electric Modicon M340 PLC is a programmable controller product of Schneider Electric France. A privilege bypass vulnerability exists in the Schneider Electric P3420 PLC module. An attacker can cause the PLC to start and stop by constructing PLC start-stop data messages using private...
PT-2019-16789 · Crestron · Crestron Am-100 +1
Name of the Vulnerable Software and Affected Versions: Crestron AM-100 version 1.6.0.2 Crestron AM-101 version 2.7.0.2 Description: The issue allows a remote, unauthenticated attacker to act as a moderator for a slide show by sending crafted HTTP POST requests to the "conference.cgi" endpoint. Th...
Remote Control Vulnerability in MAC1100 PLCs
The MAC1100 PLC Programmable Logic Controller PLC is a product in the Dalian Computer Control DCCE Programmable Logic Controller PLC series. A remote control vulnerability exists in the MAC1100 PLC. An attacker can use the vulnerability to remotely and directly control the start and stop of the...
CVE-2017-18240
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL when the service is...
ICMPExfil - Exfiltrate data with ICMP
ICMP Exfil allows you to transmit data via valid ICMP packets. You use the client script to pass in data you wish to exfiltrate, then on the device you're transmitting to you run the server. Anyone watching-- human or security system-- will just see valid ICMP packets, there's nothing malicious...
Siemens 300/400 Series PLC Remote Control Vulnerability
Programmable controller PLC is developed on the basis of relay control and computer control, and gradually developed into a new type of industrial automatic control device based on microprocessor and integrating modern technologies such as computer technology, automatic control technology and...
Siemens Simatic S7 1200 CPU Command Module (MSF) Exploit
Exploit for hardware platform in category remote exploits Exploit Title: Simatic S7 1200 CPU command module Date: 15-12-2015 Exploit Author: Nguyen Manh Hung Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1214C CVE : None require 'msf/core' class Metasploit3 'Simatic S7-12...
Siemens Simatic S7 1200 - CPU Command Module (Metasploit)
Siemens Simatic S7 1200 - CPU Command Module Metasploit Exploit Title: Simatic S7 1200 CPU command module Date: 15-12-2015 Exploit Author: Nguyen Manh Hung Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1214C CVE : None require 'msf/core' class Metasploit3 'Simatic S7-1200...