Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lcds laquis scada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5040
There are multiple ways in LCDS LAquis SCADA for an malicious user to access locations outside of their own directory.
6.1
CVSSv3
CVE-2021-32989
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
Lcds Laquis Scada
7.8
CVSSv3
CVE-2021-41579
LCDS LAquis SCADA up to and including 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locat...
Laquisscada Scada
5.5
CVSSv3
CVE-2020-10618
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.
Lcds Laquis Scada
7.8
CVSSv3
CVE-2020-10622
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
Lcds Laquis Scada
7.1
CVSSv3
CVE-2018-18994
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration.
Laquisscada Laquis Scada
7.8
CVSSv3
CVE-2019-6536
Opening a specially crafted LCDS LAquis SCADA prior to 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an malicious user to execute remote code in the context of the current process.
Lcds Laquis Scada 4.1.0.4150
7.8
CVSSv3
CVE-2018-18986
LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution.
Lcds Laquis Scada
5.3
CVSSv3
CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
Lcds Laquis Scada
8.8
CVSSv3
CVE-2018-18992
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an malicious user to execute remote code on the server.
Lcds Laquis Scada
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »