2 matches found
CVE-2025-32861
CVE-2025-32861 (TeleControl Server Basic) : The Siemens TeleControl Server Basic product is affected in all versions before 3.1.2.2 by a SQL injection in the internal UpdateTraceLevelSettings path, allowing an authenticated remote attacker to bypass authorization, read/write the application datab...
CVE-2025-32837
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetActiveConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to...