Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system.
CVSS Information
N/A
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Advantech WebAccess SCADA 安全漏洞
Vulnerability Description
Advantech WebAccess/SCADA是中国台湾研华(Advantech)公司的一套基于浏览器架构的SCADA软件。该软件支持动态图形显示和实时数据控制,并提供远程控制和管理自动化设备的功能。 WebAccess SCADA存在安全漏洞,该漏洞源于程序的项目管理页面默认设置了错误的权限,这可能会允许低特权用户更新管理员的密码,并以管理员身份登录来升级系统上的特权。
CVSS Information
N/A
Vulnerability Type
N/A