Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada web server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24998
Apache Commons FileUpload prior to 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option...
Apache Commons Fileupload
Apache Commons Fileupload 1.0
Debian Debian Linux 9.0
Debian Debian Linux 11.0
NA
CVE-2024-22182
A remote, unauthenticated attacker may be able to send crafted messages to the web server of the Commend WS203VICM causing the system to restart, interrupting service.
7.5
CVSSv2
CVE-2022-22987
The affected product has a hardcoded private key available inside the project folder, which may allow an malicious user to achieve Web Server login and perform further actions.
Advantech Adam-3600 Firmware
NA
CVE-2022-33944
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.
Micodus Mv720 Firmware -
1 Article
NA
CVE-2023-45227
An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter.
Westermo L206-f2g Firmware 4.24
3.3
CVSSv2
CVE-2021-20826
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and previous versions, FC6A Series MICROSmart Plus CPU module v1.91 and previous versions, WindLDR v8.19.1 and previous versions, WindEDIT Lite v1.3.1 and previous ...
Idec Microsmart Fc6a Firmware
Idec Microsmart Plus Fc6a Firmware
Idec Data File Manager
Idec Windedit
Idec Windldr
NA
CVE-2022-34150
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification.
Micodus Mv720 Firmware -
1 Article
NA
CVE-2022-2199
The main MiCODUS MV720 GPS tracker web server has a reflected cross-site scripting vulnerability that could allow an malicious user to gain control by tricking a user into making a request.
Micodus Mv720 Firmware -
1 Article
5
CVSSv2
CVE-2021-4161
The affected products contain vulnerable firmware, which could allow an malicious user to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.
Moxa Mgate Mb3180 Firmware
Moxa Mgate Mb3280 Firmware
Moxa Mgate Mb3480 Firmware
5
CVSSv2
CVE-2021-20827
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and previous versions, FC6A Series MICROSmart Plus CPU module v1.91 and previous versions, WindLDR v8.19.1 and previous versions, WindEDIT Lite v1.3.1 and previous versi...
Idec Microsmart Fc6a Firmware
Idec Microsmart Plus Fc6a Firmware
Idec Data File Manager
Idec Windedit
Idec Windldr
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »