SCADA Webserver
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12728 | Hig | 0.51 | 7.8 | 0.00 | Oct 5, 2017 | An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary… | ||
| CVE-2024-8232 | Hig | 0.49 | 7.5 | 0.13 | Sep 10, 2024 | SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication. | ||
| CVE-2017-12694 | Hig | 0.49 | 7.5 | 0.04 | Aug 25, 2017 | A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files. | ||
| CVE-2023-3329 | 0.00 | — | 0.01 | Aug 2, 2023 | SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially… |
- risk 0.51cvss 7.8epss 0.00
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary…
- risk 0.49cvss 7.5epss 0.13
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.
- risk 0.49cvss 7.5epss 0.04
A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files.
- CVE-2023-3329Aug 2, 2023risk 0.00cvss —epss 0.01
SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially…