EUVD-2018-11378

Malware in sbrugna...

CVE-2018-19694

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...

CVE-2018-19694

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...

Cross site scripting

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...

CVE-2018-19694

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...

CVE-2018-19694

CVE-2018-19694 affects HMS Netbiter WS100 (3.30.5 and earlier) with a reflected Cross‑Site Scripting vulnerability in the login form. Root cause: improper input validation on web UI. Impact: confidentiality/integrity impact listed as low in ATT&CK/CVSS data; exploitation is possible remotely via ...

Netbiter WS100 Cross-Site Scripting Vulnerability

Netbiter WS100 is a remote management solution for industrial controls e.g. emergency generators. A cross-site scripting vulnerability exists in Netbiter WS100. An attacker can exploit the vulnerability to inject arbitrary web script or HTML...

HMS Netbiter WS100 3.30.5 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2018-042 Product: Netbiter WS100 Manufacturer: HMS Industrial Networks AB Affected Versions: 3.30.5 = Tested Versions: 3.30.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Low Solution Status: Fixed Manufacturer...

Design/Logic Flaw

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 -- AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary ...

CVE-2017-17888

The CVE-2017-17888 entry concerns Anti-Web (up to version 3.8.7) used in multiple industrial/OT devices (NetBiter/HMS, Ouman EH-net, Alliance WS100 → AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, ASCON DY WebServer). Vulnerability: remote authe...

CVE-2017-17888

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 -- AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary ...

CVE-2017-9097

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a...

CVE-2017-9097

CVE-2017-9097 (Anti-Web LFI) is an LFI vulnerability affecting Anti-Web versions up to 3.8.7 on NetBiter FGW200 (up to 3.21.2), WS100 (up to 3.30.5), EC150 (up to 1.40.0), WS200 (up to 3.30.4), EC250 (up to 1.40.0), and related products. The issue allows a remote attacker to read or modify files ...

CVE-2010-4733

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a...

CVE-2010-4730

Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a...

CVE-2010-4733

CVE-2010-4733 and related entries describe default-credential and remote-authenticated risks affecting Intellicom NetBiter NetSCADA WebSCADA components (WS100/WS200, EC150, MB100, SS100 on NB100/NB200). The root issue cited is default usernames/passwords allowing superadmin access via the web int...

CVE-2010-4732

CVE-2010-4732 affects WebSCADA WS100/WS200, Easy Connect EC150, Modbus RTU-TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100/NB200 platforms. The vulnerability is in cgi-bin/read.cgi and lets remote authenticated administrators replace the logo page GIF via a co...

Intellicom Netbiter webSCADA Products - read.cgi Multiple Remote Security Vulnerabilities

Intellicom Netbiter webSCADA Products - read.cgi Multiple Remote Security Vulnerabilities source: https://www.securityfocus.com/bid/43636/info Intellicom Netbiter webSCADA products are prone to multiple remote security vulnerabilities, including a directory-traversal vulnerability, an...