2 matches found
CVE-2021-43938
Elcomplus SmartPTT SCADA Server (vulnerable component: information exposure via unauthenticated file requests) is affected by CVE-2021-43938. The vulnerability arises from allowing an unauthenticated user to request various files from the server without authentication or authorization, leading to...
CVE-2021-43937
The CVE-2021-43937 entry affects Elcomplus SmartPTT SCADA Server, where the web application does not sufficiently verify that a request is intentionally submitted by the user. This is a Cross-site Request Forgery (CSRF) vulnerability (CWE-352) impacting the SmartPTT SCADA Server web interface. Th...