Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SIMATIC WinCC HMI web服务器多个输入验证漏洞
Vulnerability Description
Siemens SIMATIC WinCC Flexible是一款集成了SIMATIC STEP 7、SIMATIC WinCC和SINAMICS StartDrive的工程设计软件平台。 Siemens SIMATIC WinCC多个版本中的HMI web服务器中存在CRLF注入漏洞。远程攻击者利用该漏洞借助未明向量注入任意HTTP标头或者进行HTTP响应拆分攻击。这些版本包括:Siemens WinCC flexible 在SP3版本前的2004版本、2005版本、2007版本和2008版本,WinC
CVSS Information
N/A
Vulnerability Type
N/A