Unrated severityCISA KEVNVD Advisory· Published Jun 11, 2021· Updated Dec 4, 2025

CVE-2021-26828

Description

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

Affected products

OpenPLC/ScadaBRdescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forum.scadabr.com.br/t/report-falhas-de-seguranca-em-versoes-do-scadabr/3615/4mitrex_refsource_MISC
packetstormsecurity.com/files/162564/ScadaBR-1.0-1.1CE-Linux-Shell-Upload.htmlmitrex_refsource_MISC
youtu.be/k1teIStQr1Amitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.064
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000