7 matches found
CVE-2025-32842
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write ...
CVE-2025-32866
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetLogs' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write t...
CVE-2025-32855
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...
CVE-2025-32835
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...
CVE-2025-31352
TeleControl Server Basic (versions
CVE-2025-31350
CVE-2025-31350 affects Siemens TeleControl Server Basic (versions before 3.1.2.2). A SQL injection in the internal UpdateBufferingSettings method allows an authenticated remote attacker to bypass authorization, read/write the application database, and execute code with NT AUTHORITY\NetworkService...
CVE-2025-30032
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...