Filtered by vendor Spidercontrol
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12728 | 1 Spidercontrol | 1 Scada Webserver | 2020-08-19 | 7.2 HIGH | 7.8 HIGH |
| An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services. | |||||
| CVE-2018-18991 | 1 Spidercontrol | 1 Scada Webserver | 2019-10-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser. | |||||
| CVE-2017-12694 | 1 Spidercontrol | 1 Scada Web Server | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files. | |||||
| CVE-2017-12707 | 1 Spidercontrol | 1 Scada Microbrowser | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow. | |||||
| CVE-2017-13995 | 1 Spidercontrol | 1 Ininet Webserver | 2019-10-09 | 7.5 HIGH | 10.0 CRITICAL |
| An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables. | |||||
| CVE-2017-14010 | 2 Microsoft, Spidercontrol | 6 Windows 10, Windows 7, Windows 8 and 3 more | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. | |||||