The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NTrihedral Vtscada
APPTrihedral10.0.1110.0.1310.0.1410.0.1610.0.1710.1.0510.1.0610.1.0710.1.1210.2.0510.2.0710.2.0810.2.1110.2.1310.2.14+ 39 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
Related vulnerabilities
CVE-2016-4532CRITICAL9.1ten sam produkt
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x be...
CVE-2016-4523HIGH7.5⚠ KEVten sam produkt
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers ...
CVE-2022-3181HIGH7.5ten sam produkt
An Improper Input Validation vulnerability exists in Trihedral VTScada version 12.0.38 and prior. A specifical...
CVE-2017-14031HIGH7.8ten sam produkt
An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administr...
CVE-2017-14029HIGH7.8ten sam produkt
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program w...