VYPR
Vendor

IniNet Solutions

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2017-13995CriOct 5, 2017
    risk 0.65cvss 10.0epss 0.02

    An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC…

  • CVE-2024-10313HigOct 24, 2024
    risk 0.52cvss 8.0epss 0.00

    iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal vulnerability. When the software loads a malicious ‘ems' project template file constructed by an attacker, it can write files to arbitrary directories. This can lead to overwriting system files, …

  • CVE-2015-1005Oct 25, 2015
    risk 0.00cvss epss 0.00

    IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.

  • CVE-2015-1003Oct 25, 2015
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname.

  • CVE-2015-1002Oct 25, 2015
    risk 0.00cvss epss 0.01

    IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.

  • CVE-2015-1001Oct 25, 2015
    risk 0.00cvss epss 0.04

    Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.