Unrated severityNVD Advisory· Published Aug 3, 2023· Updated Jan 16, 2025

TEL-STER TelWin SCADA WebInterface Path Traversal

CVE-2023-0956

Description

External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system.

Affected products

Tel Ster/Telwin SCADA Webinterfacev5
Range: 3.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/posts/2023/07/CVE-2023-0956/mitre
www.cisa.gov/news-events/ics-advisories/icsa-23-215-03mitre
www.tel-ster.pl/index.php/telwin-scada/nowosci/372-telwin-scada-podatnosc-cve-2023-0956mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000