Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: zdi
Published: 2024-05-03T01:59:30.325Z
Updated: 2024-08-02T18:10:20.697Z
Reserved: 2023-08-02T21:37:23.123Z
Link: CVE-2023-39468
Vulnrichment
Updated: 2024-08-02T18:10:20.697Z
NVD
Status : Awaiting Analysis
Published: 2024-05-03T03:15:12.563
Modified: 2024-11-21T08:15:29.043
Link: CVE-2023-39468
Redhat
No data.