Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-22450
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.
Advantech Webaccess\\/scada
5.3
CVSSv3
CVE-2018-16668
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
Circontrol Circarlife Scada
5.3
CVSSv3
CVE-2018-16671
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is system software information disclosure due to lack of authentication for /html/device-id.
Circontrol Circarlife Scada
9.8
CVSSv3
CVE-2023-32628
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
Advantech Webaccess\\/scada
6.5
CVSSv3
CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions before 8.4.5, WebAccess/SCADA versions before 9.0.1).
Advantech Webaccess\\/scada
3.3
CVSSv3
CVE-2018-19004
LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration.
Lcds Laquis Scada
5.3
CVSSv3
CVE-2018-19000
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
Lcds Laquis Scada
7.8
CVSSv3
CVE-2018-19002
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.
Lcds Laquis Scada
7.8
CVSSv3
CVE-2018-19029
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.
Lcds Laquis Scada
9.8
CVSSv3
CVE-2023-4485
ARDEREG ?Sistema SCADA Central versions 2.203 and prior login page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application's SQL query logic to extract sensitive information or perform unauthorized actions within the data...
Ardereg Sistemas Scada
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »