N/A

Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may bypass the database restriction set on the query setting page, and connect to a user unintended database.

N/A

N/A

Contec CONPROSYS HMI System 代码问题漏洞

Contec CONPROSYS HMI System是日本Contec公司的一个基于 HTML5 技术的 HMI（人机界面）/SCADA（监控和数据采集）软件产品。 Contec CONPROSYS HMI System 3.5.3之前版本存在安全漏洞，该漏洞源于存在服务器端请求伪造漏洞。

N/A

N/A