CVE-2024-21870

A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this...

CVE-2024-21870

A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this...

CVE-2024-21870

CVE-2024-21870 affects Open Automation Software OAS Platform V19.00.0057. Talos reports a file write vulnerability in the OAS Engine Tags Configuration: a sequence of authenticated requests can create or overwrite arbitrary files via the File Data Source/Tag configuration path, potentially leadin...

Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability

Talos Vulnerability Report TALOS-2024-1950 Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability April 3, 2024 CVE Number CVE-2024-21870 SUMMARY A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software...

PT-2024-19104 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 19.00.0057 Description: A file write issue exists in the OAS Engine Tags Configuration functionality. This can be exploited by sending a specially crafted series of network requests, leading to...