VYPR
Vendor

Spidercontrol

Products
3
CVEs
7
Across products
7
Status
Private

Products

3

Recent CVEs

7
  • CVE-2017-13995CriOct 5, 2017
    risk 0.65cvss 10.0epss 0.02

    An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC…

  • CVE-2017-12707CriAug 25, 2017
    risk 0.64cvss 9.8epss 0.03

    A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow.

  • CVE-2017-14010HigApr 26, 2018
    risk 0.51cvss 7.8epss 0.02

    In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded…

  • CVE-2017-12728HigOct 5, 2017
    risk 0.51cvss 7.8epss 0.00

    An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary…

  • CVE-2024-8232HigSep 10, 2024
    risk 0.49cvss 7.5epss 0.13

    SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.

  • CVE-2017-12694HigAug 25, 2017
    risk 0.49cvss 7.5epss 0.04

    A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files.

  • CVE-2023-3329Aug 2, 2023
    risk 0.00cvss epss 0.01

    SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially…