SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting system files and creating a denial-of-service condition.
Metrics
Affected Vendors & Products
References
History
Tue, 29 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-22 | |
Metrics |
ssvc
|
ssvc
|
Thu, 17 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2023-08-02T22:26:07.157Z
Updated: 2024-10-29T17:48:43.098Z
Reserved: 2023-06-19T17:52:02.498Z
Link: CVE-2023-3329
Vulnrichment
Updated: 2024-08-02T06:55:03.291Z
NVD
Status : Modified
Published: 2023-08-02T23:15:10.547
Modified: 2024-11-21T08:17:01.620
Link: CVE-2023-3329
Redhat
No data.