Lucene search
K

378 matches found

CNVD
CNVD
added 2025/04/22 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08606)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateGeneralSettings, which can be exploited by an attacker to bypass authorization...

8.8CVSS8.3AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08592)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockWebServerGatewaySettings method, which can be exploited by an attacker to bypass...

8.8CVSS8.2AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.6 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08350)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method CreateProject, which can be exploited by an attacker to bypass...

8.8CVSS8.1AI score0.00648EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.6 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08373)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockTraceLevelSettings method, which can be exploited by an attacker to bypass...

8.8CVSS8.2AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08610)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockGateway, which can be exploited by an attacker to bypass authorization controls an...

8.8CVSS8.3AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08367)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetLogs method, which can be exploited by an attacker to bypass authorization contro...

8.8CVSS8.2AI score0.00525EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09142)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'LockProject' method. An attacker could exploit the vulnerability to cause bypass of...

8.8CVSS7.8AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08608)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, LockUser, which can be exploited by an attacker to bypass authorization controls and...

8.8CVSS8.3AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08354)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateUsers, which can be exploited by an attacker to bypass...

8.8CVSS8.1AI score0.00648EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08353)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateDatabaseSettings, which can be exploited by an attacker to bypas...

8.8CVSS8.2AI score0.00648EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09140)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'UnlockProject' method. An attacker could exploit the vulnerability to cause bypass of...

8.8CVSS7.8AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.6 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08593)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the UpdateWebServerGatewaySettings method, which can be exploited by an attacker to cause...

8.8CVSS7.8AI score0.0049EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.6 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09141)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that stems from the lack of proper filtering of input in the internally used 'DeleteProject' method. An attacker could exploit th...

8.8CVSS7.8AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08605)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method LockGeneralSettings, which can be exploited by an attacker to bypass authorization contro...

8.8CVSS8.3AI score0.00604EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09148)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectCrossCommunications that can be exploited by an attacker to bypass...

8.8CVSS8.3AI score0.00604EPSS
Exploits0References1
CVE
CVE
added 2025/04/17 11:5 a.m.54 views

CVE-2025-29931

CVE-2025-29931 affects Siemens TeleControl Server Basic versions prior to 3.1.2.2. The issue arises from insufficient validation of a length field in a serialized message, used to size memory for deserialization, which could allow an unauthenticated remote attacker to force excessive memory alloc...

6.3CVSS6.9AI score0.00356EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/17 11:5 a.m.20 views

CVE-2025-29931

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated...

6.3CVSS0.00356EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.5 views

PT-2025-16947 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A vulnerability has been identified in the product where it does not properly validate a length field in a serialized message, which is used to determine the amount of memory to ...

6.3CVSS6.6AI score0.00356EPSS
Exploits0References5
NVD
NVD
added 2025/04/16 6:16 p.m.22 views

CVE-2025-32872

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetOverview' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

8.8CVSS0.00525EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 6:16 p.m.4 views

CVE-2025-32872

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetOverview' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

8.7CVSS5.8AI score0.00525EPSS
Exploits0References1
Rows per page
Query Builder