Lucene search
K

7 matches found

CNVD
CNVD
added 2022/05/26 12:0 a.m.18 views

Open Automation Software OAS Platform访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An access control error vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an external configuration control issue with the OAS...

7.5CVSS2.4AI score0.01208EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/26 12:0 a.m.16 views

Open Automation Software OAS Platform信息泄露漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An information disclosure vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an information disclosure issue in the OAS Engine...

7.5CVSS2.6AI score0.01221EPSS
Exploits1References1
Prion
Prion
added 2022/05/25 9:15 p.m.20 views

Design/Logic Flaw

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...

5CVSS7.3AI score0.0114EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/25 8:15 p.m.83 views

CVE-2022-27169

CVE-2022-27169 : The TALOS vulnerability report confirms an information disclosure in Open Automation Software OAS Platform (V16.00.0112) via the OAS Engine SecureBrowseFile function. An unauthenticated, network-directed configuration message to TCP/58727 can trigger a directory listing and expos...

7.5CVSS7.2AI score0.01641EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/25 8:15 p.m.19 views

CVE-2022-26082

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...

9.1CVSS9.9AI score0.18607EPSS
Exploits1References1
Talos
Talos
added 2022/05/25 12:0 a.m.30 views

Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability

Summary An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger th...

7.5CVSS7.6AI score0.01641EPSS
Exploits1
Talos
Talos
added 2022/05/25 12:0 a.m.75 views

Open Automation Software Platform Engine SecureTransferFiles file write vulnerability

Summary A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS10AI score0.18607EPSS
Exploits1
Rows per page
Query Builder