CVE-2023-31161: Improper Input Validation in Web Interface

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-31161

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Improper Input Validation in Web Interface

Source: NVD (National Vulnerability Database)

Vulnerability Description

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

输入验证不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Schweitzer Engineering Laboratories Real Time Automation Controller 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Schweitzer Engineering Laboratories Real Time Automation Controller（SEL RTAC）是美国Schweitzer Engineering Laboratories公司的一个功能强大的多功能自动化平台。 Schweitzer Engineering Laboratories Real Time Automation Controller存在安全漏洞，该漏洞源于Web 界面中的存在不当输入验证，远程攻击者利用该漏洞可以使用内部资源。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Schweitzer Engineering Laboratories	SEL-3532	R143-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3555	R143-V0 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3560S	R144-V2 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3560E	R144-V2 ~ R150-V2	-
Schweitzer Engineering Laboratories	SEL-3350	R148-V0 ~ R150-V2	-

II. Public POCs for CVE-2023-31161

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-31161

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same vendor: Schweitzer Engineering Laboratories

Same weakness: CWE-20

V. Comments for CVE-2023-31161

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2023-31161

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-31161

III. Intelligence Information for CVE-2023-31161

IV. Related Vulnerabilities

V. Comments for CVE-2023-31161

Leave a comment