CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2020-10611

CVSS 9.8v3.1pub. 2020-04-15upd. 2024-11-21

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trianglemicroworks Scada Data Gateway

    APP
    Trianglemicroworks
    2.41.0213 – 4.0.122
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-39457CRITICAL9.8PL βœ“ten sam produkt

Brak uwierzytelnienia w Triangle MicroWorks SCADA Data Gateway β€” RCE jako root

CVE-2022-0369HIGH8.8ten sam produkt

Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerabili...

CVE-2023-39459HIGH7.8ten sam produkt

Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnera...

CVE-2023-39460HIGH7.2ten sam produkt

Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. Th...

CVE-2023-39463HIGH7.2ten sam produkt

Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution...

CVE-2020-10611 β€” Trianglemicroworks β€” Scada Data Gateway β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl