B&R Industrial Automation Security Vulnerabilities

CVE-2022-3976

A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to path traversal....

Exploit for Incorrect Authorization in Atlassian Confluence Data Center

CVE-2023-22518 Improper Authorization Vulnerability in...

Exploit for PHP External Variable Modification in Juniper Junos

Automation for Juniper CVE:2023-36845 by Asbawy -> Modified...

Advantech WebAccess Web Administration Interface Detection

The remote host is running a web interface for Advantech WebAccess, a web-based SCADA HMI...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2023-51775)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s).....

Exploit for CVE-2024-30078

CVE-2024-30078 Detection and Command Execution Script This...

Fedora 39 : R (2024-07b7b83a4f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-07b7b83a4f advisory. Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including...

r-broker.ru Cross Site Scripting vulnerability OBB-3918433

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction...

Inductive Automation Ignition Detection

Inductive Automation Ignition, a web based SCADA HMI solution, was detected on the remote...

Fedora 38 : R (2024-bc590cb3f1)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bc590cb3f1 advisory. Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including...

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado

Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC Install Tornado. Start a simple Tornado server that echoes each...

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado

Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC Install Tornado. Start a simple Tornado server that echoes each...

Exploit for CVE-2024-30078

CVE-2024-30078 Detection and Command Execution Script This...

Rockwell Automation ControlLogix Communications Modules Multiple Vulnerabilities

Rockwell Automation ControlLogix Communications Modules are affected by multiple vulnerabilities, as follows: A remote code execution vulnerability via crafted CIP messages. (CVE-2023-3595) A denial of service vulnerability via crafted CIP messages. (CVE-2023-3596) Note that Nessus has not...

Rockwell Automation RSLinx Classic <= 4.00.01 Multiple Vulnerabilities

The remote host has a version of RSLinx Classic installed that is v4.00.01 or prior. It is, therefore, affected by multiple...

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

CVE-2023-30253...

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive...

CVE-2023-23205

An issue was discovered in lib60870 v2.3.2. There is a memory leak in...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: consul, frp, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, gomplate, aws-load-balancer-controller, newrelic-infrastructure-agent, influxd, thanos-operator, nfs-subdir-external-provisioner, opentofu, gatekeeper, nri-prometheus,...

HP Client Automation radexecd.exe Remote Command Execution

The HP Client Automation service on the remote port is affected by a command execution vulnerability. The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Client Automation. Authentication is not required to exploit the vulnerability. The flaw...

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

CVE-2023-30253 Exploit Dolibarr...

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

CVE-2023-30253 Exploit Dolibarr...

Exploit for CVE-2022-44666

Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: consul, frp, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, gomplate, aws-load-balancer-controller, newrelic-infrastructure-agent, influxd, thanos-operator, nfs-subdir-external-provisioner, opentofu, gatekeeper, nri-prometheus,...

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

Inductive Automation Ignition 8.x < 8.0.10 Multiple Vulnerabilities

The version of Inductive Automation Ignition running on the remote host is affected by multiple vulnerabilities : A denial of service (DoS) vulnerability exists due to an unprotected logging route when the Perspective Module is running. An unauthenticated, remote attacker can exploit...

Rockwell Automation RSLinx Classic < 4.11.00 Local Privilege Escalation

The remote host has a version of RSLinx Classic installed that is prior to 4.11.00. It is, therefore, affected by a local privilege escalation vulnerability where an authenticated attacker could modify a registry key, thiw could lead to the execution of malicious code usying system privileges when....

Rockwell Automation RSLinx Classic < 4.00.01 Local Privilege Escalation

The remote host has a version of RSLinx Classic installed that is prior to 4.00.01. It is, therefore, affected by a local privilege escalation vulnerability due to an unquoted path for a Windows service. A local attacker can gain elevated privileges by inserting an executable file in the path of...

Exploit for Injection in Gitlab

CVE-2022-2992 Authenticated Remote Command Execution in...

[SECURITY] Fedora 40 Update: qt5-qtserialbus-5.15.14-1.fc40

Qt Serial Bus (API) provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and...

Rockwell Automation RSLinx Classic Detection

The remote host has a version of Rockwell Automation RSLinx Classic installed, software commonly used for managing industrial automation control...

Micro Focus Network Automation Detection

Micro Focus Network Automation (formerly HP Network Automation), a web-based application for automating IT processes, is running on the remote...

CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...

Siemens Automation License Manager Detection

The remote host has Siemens Automation License Manager installed. Siemens Automation License Manager is used for authorizing and licensing Siemens SIMATIC Industry...

Rockwell Automation ControlLogix Service Detection

The remote host is a Rockwell Automation 1756 ControlLogix...

Inductive Automation Ignition Multiple Vulnerabilities

The version of Inductive Automation Ignition listening on the remote host is affected by multiple vulnerabilities : A cross-site scripting vulnerability exists in Java Web Start when adding any symbols to web requests for starting Java applets. A remote attacker can exploit this to...

(RHSA-2024:1640) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that...

Exploit for CVE-2024-31848

Exploiting CData within Jetty servers -...

Exploit for Code Injection in Openplcproject Openplc V3 Firmware

CVE-2021-31630 Modified the PoC...

R Programming Language 1.4.0 < 4.4.0 Insecure Deserialization

The version of the R Programming Language running on the remote host is 1.4.0 or later, before 4.4.0. It is, therefore, affected by an insecure deserialization vulnerability. Deserialization of untrusted data can occur, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R.....

CVE-2024-28764 IBM WebSphere Automation CSV injection

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: ...

Siemens Automation License Manager 5.x < 5.3.4.4 Multiple Vulnerabilities

The remote host has a version of Siemens Automation License Manager installed that is affected by the following vulnerabilities : A user-input validation error exists that allows a directory traversal attack. This could allow, among other actions, code execution. User interaction is ...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: consul, frp, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, gomplate, aws-load-balancer-controller, newrelic-infrastructure-agent, influxd, thanos-operator, nfs-subdir-external-provisioner, opentofu, gatekeeper, nri-prometheus,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: consul, nri-mssql, crossplane, frp, cert-manager, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, step, gomplate, kubernetes-event-exporter, trivy, influxd, nfs-subdir-external-provisioner, opentofu, prometheus-nats-exporter,...

Siemens Automation License Manager 6.x < 6.0.1 Directory Traversal

The version of Siemens Automation License Manager installed on the remote host is version 6.x prior to 6.0.1 and thus, is affected by a user-input validation error that allows a directory traversal attack. This could allow, among other actions, code execution. User interaction is required for this....

WebCTRL OEM <= 6.5 - Cross-Site Scripting

WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET...

Exploit for OS Command Injection in Php

CVE-2024-4577 Argument injection vulnerability in PHP...

Rockwell Automation RSLinx Classic <= 2.57.00.14 DoS (CVE-2020-13573)

The remote host has a version of RSLinx Classic installed that is prior or equal to 2.57.00.14. It is, therefore, potentially affected by a denial of service vulnerability in the Ethernet/IP server implementation. A remote, unauthenticated attacker could cause the device to crash by sending a...