VYPR

Webhmi

by Iconics

CVEs (4)

  • CVE-2025-1960CriMar 12, 2025
    risk 0.64cvss 9.8epss 0.01

    CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly…

  • CVE-2016-2289HigApr 1, 2016
    risk 0.49cvss 7.5epss 0.02

    Directory traversal vulnerability in ICONICS WebHMI 9 and earlier allows remote attackers to read configuration files, and consequently discover password hashes, via unspecified vectors.

  • CVE-2022-2254Jul 1, 2022
    risk 0.00cvss epss 0.00

    A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users.

  • CVE-2022-2253Jul 1, 2022
    risk 0.00cvss epss 0.01

    A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server.