Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/04/25 4:16 p.m.6 views

CVE-2025-31349

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

8.8CVSS7.8AI score0.00732EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 6:16 p.m.12 views

CVE-2025-32869

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.8CVSS0.00379EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 6:16 p.m.7 views

CVE-2025-30003

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.8CVSS0.00732EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 5:38 p.m.11 views

CVE-2025-32867

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.8CVSS0.00594EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 5:38 p.m.7 views

CVE-2025-32846

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockGeneralSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

8.8CVSS7.8AI score0.00683EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:37 p.m.52 views

CVE-2025-32831

The CVE-2025-32831 flaw affects Siemens TeleControl Server Basic (versions prior to 3.1.2.2), with SQL injection via the internal UpdateProjectUserRights method. Attackers authenticated to the system could read/write the application DB and execute code with NT AUTHORITY\NetworkService permissions...

8.8CVSS8.1AI score0.00683EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/16 5:37 p.m.6 views

CVE-2025-32825

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetProjects' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

8.8CVSS8.8AI score0.00683EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 5:37 p.m.10 views

CVE-2025-32825

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetProjects' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

8.8CVSS0.00683EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:37 p.m.52 views

CVE-2025-30032

CVE-2025-30032 affects Siemens TeleControl Server Basic (versions prior to 3.1.2.2). The vulnerability is a SQL injection in the internal UpdateDatabaseSettings method, allowing an authenticated remote attacker to bypass authorization, read/write the application database, and execute code with NT...

8.8CVSS8.8AI score0.00732EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder