Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability
Vulnerability Description
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Triangle MicroWorks SCADA Data Gateway 安全漏洞
Vulnerability Description
Triangle MicroWorks SCADA Data Gateway是美国Triangle MicroWorks公司的一款SCADA数据网关产品。 Triangle MicroWorks SCADA Data Gateway存在安全漏洞,该漏洞源于工作区文件的处理中存在特定缺陷,允许远程攻击者上传任意文件。
CVSS Information
N/A
Vulnerability Type
N/A