CRITICAL🇬🇧 English

CVE-2018-18996

CVSS 9.8v3.0pub. 2019-02-05upd. 2024-11-21

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Lcds Laquis Scada

    APP
    Lcds
    < 4.1.0.4150
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-32989CRITICAL9.3ten sam produkt

When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) re...

CVE-2018-18998CRITICAL9.8ten sam produkt

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unautho...

CVE-2018-17895CRITICAL9.8ten sam produkt

LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow rem...

CVE-2018-17893CRITICAL9.8ten sam produkt

LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow...

CVE-2018-17897CRITICAL9.8ten sam produkt

LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, wh...