Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32628
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
Advantech Webaccess\\/scada
6.8
CVSSv2
CVE-2020-10622
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
Lcds Laquis Scada
4.3
CVSSv2
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
NA
CVE-2024-22016
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation.
Rapidscada Rapid Scada
NA
CVE-2024-22096
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system.
Rapidscada Rapid Scada
8.3
CVSSv2
CVE-2018-18988
LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2018-18991
Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions before 2.03.0001) could allow an malicious user to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser.
Spidercontrol Scada Webserver
7.8
CVSSv2
CVE-2018-18994
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration.
Laquisscada Laquis Scada
7.5
CVSSv2
CVE-2018-18998
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2018-19004
LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration.
Lcds Laquis Scada
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »